cfbd8d825b4e2591e86114396f6f0f8da2789a021783369d189e76f4ec04a037N

Sharing

Copy URL

Twitter E-mail

General

Target

cfbd8d825b4e2591e86114396f6f0f8da2789a021783369d189e76f4ec04a037N
Size

232KB
MD5

288837f6bbc76ee1c2c8006badd25240
SHA1

a52ceb14e43e662b41b353d4318be75178fa1847
SHA256

cfbd8d825b4e2591e86114396f6f0f8da2789a021783369d189e76f4ec04a037
SHA512

5cdeb02e08847c10389a9329735e05cbfaae5270afac2560722ec19128966ce7f818b6012ce5868303cb76ce8fb1d82654fe1d836ae8805959eba714b858eff6
SSDEEP

3072:154FJ/GDfjgJffOmJJbRlWuPb8fBgFb4tz+8dzPsHWS5:15mJa7mJwuz8fBgFb4tz+QGWk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfbd8d825b4e2591e86114396f6f0f8da2789a021783369d189e76f4ec04a037N

Files

cfbd8d825b4e2591e86114396f6f0f8da2789a021783369d189e76f4ec04a037N
.dll windows:4 windows x86 arch:x86

a5a2b387dd6983d03968544c8ab49ffa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

cfgmgr32

CM_Get_DevNode_Status

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiClassGuidsFromNameA
SetupDiGetClassDevsA
SetupDiOpenClassRegKey

kernel32

GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
RaiseException
HeapSize
HeapReAlloc
GetACP
Sleep
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
VirtualProtect
GetSystemInfo
VirtualQuery
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteFile
GetModuleFileNameA
GetProcessVersion
LoadLibraryA
FreeLibrary
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetModuleHandleA
GetProcAddress
WritePrivateProfileStringA
GlobalFlags
SetLastError
GetVersion
lstrcpynA
lstrcatA
SetErrorMode
GetLastError
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
CloseHandle
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
lstrcpyA
SetHandleCount
OutputDebugStringA

user32

RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextA
TabbedTextOutA
ReleaseDC
GetDC
GetMenuItemCount
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
LoadBitmapA
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SystemParametersInfoA
IsIconic
SetCursor
PostMessageA
PostQuitMessage
wsprintfA
SendMessageA
GetMenuCheckMarkDimensions
ModifyMenuA

gdi32

CreateBitmap
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetBkColor
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

Exports

Exports

EnumDevices
EnumDevicesChange
GetDeviceInfo
ShowDevice8180

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a5a2b387dd6983d03968544c8ab49ffa

Headers

File Characteristics

Imports

cfgmgr32

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 238KB

.sxdata Size: 4KB - Virtual size: 156B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 12KB - Virtual size: 10KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 238KB

.sxdata
Size: 4KB - Virtual size: 156B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 12KB - Virtual size: 10KB

.text
Size: 108KB - Virtual size: 108KB