f2355dd0fc190425cde782ae8fbdbf94e7994e4dfd92586ea9081a3aec01f635

General

Target

f2355dd0fc190425cde782ae8fbdbf94e7994e4dfd92586ea9081a3aec01f635
Size

2.6MB
MD5

7d3f7483b606de59e04b909a90c3b117
SHA1

51398b86710536b7f6b37be3926cf950e0620f35
SHA256

f2355dd0fc190425cde782ae8fbdbf94e7994e4dfd92586ea9081a3aec01f635
SHA512

79c40039597375e3a95e6a9bb4fec8fc278d20fa9385ba8aefb646b92a77860e22e1a8b237a92f1b270c51da1ee2f1f21f23f1ee87437ea2699b1174e7a8c908
SSDEEP

49152:P3qDJyikXbvlCs9LUSmNzhPQz0fhU2sw1ei6XpVCVKqYYZKnj4:P3WJ6XbvlCs9LUDNPQGhvx47kKn4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2355dd0fc190425cde782ae8fbdbf94e7994e4dfd92586ea9081a3aec01f635

Files

f2355dd0fc190425cde782ae8fbdbf94e7994e4dfd92586ea9081a3aec01f635
.exe windows:4 windows x86 arch:x86

19a62168a80fdaf75b943d65474e6b9c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

GetFileType
LoadLibraryA
LeaveCriticalSection
GetTickCount
EnterCriticalSection
InitializeCriticalSection
GetCommandLineA
GetStartupInfoW
GetLocaleInfoA
GetLocaleInfoW
GetProcAddress
GetLastError
Sleep
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc

user32

GetKeyState
MessageBoxA

winspool.drv

StartPagePrinter

comdlg32

GetFileTitleW
ChooseColorA
CommDlgExtendedError

ole32

StringFromIID

shlwapi

PathStripToRootW

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19a62168a80fdaf75b943d65474e6b9c

Headers

File Characteristics

Imports

comctl32

kernel32

user32

winspool.drv

comdlg32

ole32

shlwapi

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 32KB

.rsrc Size: 448KB - Virtual size: 448KB

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 32KB

.rsrc
Size: 448KB - Virtual size: 448KB