8d913cb4bcb57a7c888d36613236c87faeb8f2b2c53154ce2dadc270135cc5bf[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

8d913cb4bcb57a7c888d36613236c87faeb8f2b2c53154ce2dadc270135cc5bf.exe
Size

21KB
MD5

04cd13dca00ea3151a0e44b6a9c80d46
SHA1

13d94efb3736d3830dc7281a20bc7f3ea33d90fa
SHA256

8d913cb4bcb57a7c888d36613236c87faeb8f2b2c53154ce2dadc270135cc5bf
SHA512

f364720e31f96cbfed57018b86a852023e42b213dfcafdc1c1c794fbd6aba9f7c665b99bc4a0344e641e4a6b58de75a2c9a3bbbe6568f83f9066e2083fe49b34
SSDEEP

384:p5SgF17IBNoAoIaR5RA7kI2tH65yPOCcMf1+:p5SgF1IdaTGezPOZMf1+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d913cb4bcb57a7c888d36613236c87faeb8f2b2c53154ce2dadc270135cc5bf.exe

Files

8d913cb4bcb57a7c888d36613236c87faeb8f2b2c53154ce2dadc270135cc5bf.exe
.dll windows:6 windows x86 arch:x86

cd02892fcb31cff1e3cce4d2799ffeaf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
GetProcessHeap
VirtualProtect
lstrcpyW
lstrcatW
lstrlenW
HeapAlloc

winspool.drv

AddPortW
EnumMonitorsA
DeletePrinterIC
EnumPrinterKeyW
GetFormW
ord206

rpcrt4

I_RpcTransGetThreadEvent
NdrSendReceive
I_RpcBindingCopy
NdrSimpleStructMemorySize
NdrContextHandleSize
NdrClientContextUnmarshall

resutils

ResUtilResourcesEqual
ResUtilGetBinaryProperty
ResUtilVerifyPropertyTable
ResUtilGetBinaryValue
ResUtilGetPropertiesToParameterBlock
ResUtilGetAllProperties
ResUtilFreeParameterBlock

msacm32

acmStreamSize
acmStreamClose
acmDriverAddW
acmStreamUnprepareHeader
acmFilterTagDetailsA
acmDriverPriority
acmFilterEnumA
acmDriverDetailsW
acmStreamMessage

rtm

RtmGetRouteAge
MgmInitialize
RtmBlockSetRouteEnable
MgmGetMfe
MgmRegisterMProtocol
RtmLookupIPDestination

loadperf

UnloadPerfCounterTextStringsW
LoadPerfCounterTextStringsA
UnloadPerfCounterTextStringsA

msi

ord136
ord124
ord161
ord138
ord70
ord84
ord29
ord57

ole32

CoTaskMemAlloc

msvcrt

memcpy
memset
free
_initterm
malloc
_adjust_fdiv
memcmp

Exports

Exports

jblfrvlhx

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd02892fcb31cff1e3cce4d2799ffeaf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

rpcrt4

resutils

msacm32

rtm

loadperf

msi

ole32

msvcrt

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 464B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 464B