b03541d2da5e5e2a5b173ea59a943db6a7ceb71fadb3a6a8e3ecd2e62f5ed43bN

Sharing

Copy URL

Twitter E-mail

General

Target

b03541d2da5e5e2a5b173ea59a943db6a7ceb71fadb3a6a8e3ecd2e62f5ed43bN
Size

213KB
MD5

ab3c3723c6a5f0eb3920e00262af32c0
SHA1

8942a6517d824795fb6d7704342e5de6d851773f
SHA256

b03541d2da5e5e2a5b173ea59a943db6a7ceb71fadb3a6a8e3ecd2e62f5ed43b
SHA512

e38faf31b0d849502c0818d5b3be0acbac3f281eca21002dda874e1828531503bbfcd6211350d4726f83e84bd9c895ca668f10d05da6d437d27e6fa96e0a5192
SSDEEP

6144:l7++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:I+cff22qZhZcKYhc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b03541d2da5e5e2a5b173ea59a943db6a7ceb71fadb3a6a8e3ecd2e62f5ed43bN

Files

b03541d2da5e5e2a5b173ea59a943db6a7ceb71fadb3a6a8e3ecd2e62f5ed43bN
.exe windows:4 windows x86 arch:x86

98aa7065495f35513795744857924eba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenFile
IsBadStringPtrW
CreateMailslotW
GetEnvironmentVariableA
GetWindowsDirectoryW
SetUnhandledExceptionFilter
lstrcpynW
GetTempPathW
GetLogicalDriveStringsA
ConnectNamedPipe
lstrcpyn
GetProcAddress
GetNumberFormatA
GetOEMCP
OpenMutexW
FileTimeToSystemTime
CreateEventW
GetModuleHandleA
CreateSemaphoreW
GetLongPathNameW
lstrcpy
SetCalendarInfoA
GetCommandLineW
DosDateTimeToFileTime
QueryPerformanceFrequency
FileTimeToLocalFileTime

user32

IsDlgButtonChecked
GetWindowTextA
GetWindowLongA
GetAsyncKeyState
GetActiveWindow
MonitorFromRect
GetMenuStringA
BringWindowToTop
CharUpperA
CheckMenuItem
GetActiveWindow
GetDlgItemTextW
GetParent
UpdateLayeredWindow
GetDCEx
GetMessageW
GetCursorPos
LoadMenuA

gdi32

SetArcDirection
ColorMatchToTarget
ExtFloodFill
LPtoDP
SetStretchBltMode
SetSystemPaletteUse
SetMiterLimit
ColorCorrectPalette
CopyEnhMetaFileW
SetWindowExtEx
ExtTextOutW
FillRgn
IntersectClipRect
CreateCompatibleDC
GetTextColor
SetViewportOrgEx
RestoreDC
PolylineTo

advapi32

RegReplaceKeyA
RegRestoreKeyA
RegDeleteValueA
RegEnumValueW
RegCreateKeyExA

shlwapi

UrlCombineA

comctl32

ImageList_SetFlags

wininet

SetUrlCacheEntryInfoA

winspool.drv

ConvertUnicodeDevModeToAnsiDevmode
EnumJobsA
AdvancedDocumentPropertiesW
SplDriverUnloadComplete
ExtDeviceMode
QuerySpoolMode
SetDefaultPrinterA
ConfigurePortA
GetPrinterDataExW
DeviceCapabilitiesA

wsock32

ntohs
dn_expand
rexec
getservbyport
GetNameByTypeA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.WjTd
Size: 1KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.H
Size: 3KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Grrl
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Lx
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eB
Size: 1KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.htext
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

98aa7065495f35513795744857924eba

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

comctl32

wininet

winspool.drv

wsock32

Sections

.text Size: 12KB - Virtual size: 11KB

.WjTd Size: 1KB - Virtual size: 38KB

.H Size: 3KB - Virtual size: 31KB

.Grrl Size: 1KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 10KB

.Lx Size: 1KB - Virtual size: 34KB

.eB Size: 1KB - Virtual size: 269KB

.rsrc Size: 164KB - Virtual size: 163KB

.htext Size: 12KB - Virtual size: 12KB

.text
Size: 12KB - Virtual size: 11KB

.WjTd
Size: 1KB - Virtual size: 38KB

.H
Size: 3KB - Virtual size: 31KB

.Grrl
Size: 1KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 10KB

.Lx
Size: 1KB - Virtual size: 34KB

.eB
Size: 1KB - Virtual size: 269KB

.rsrc
Size: 164KB - Virtual size: 163KB

.htext
Size: 12KB - Virtual size: 12KB