Rendicontazione[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

Rendicontazione.exe
Size

132KB
MD5

dbf96ab40b728c12951d317642fbd9da
SHA1

38687e06f4f66a6a661b94aaf4e73d0012dfb8e3
SHA256

daab430bb5771eaa7af0fbd3417604e8af5f4693099a6393a4dc3b440863bced
SHA512

a49cc96651d01da5d6cbb833df36b7987eafb4f09cc9c516c10d0d812002d06ae8edee4e7256c84e300dc2eadad90f7bb37c797bccdee4bad16fcaf88277b381
SSDEEP

3072:uItv1YJOQnVc2pEANuoUeyCx9CC5O86BJaoqsf:xrr2pEANuXCx9Jd6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Rendicontazione.exe

Files

Rendicontazione.exe
.exe windows:4 windows x86 arch:x86

33259202a22c25d002be697749eb957e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

ungetc

powrprof

GetPwrCapabilities

oleaut32

GetRecordInfoFromTypeInfo

gdi32

GetFontUnicodeRanges
GetViewportExtEx
GetTextExtentExPointA
GetWindowExtEx
GetTextCharacterExtra
DeleteObject
GetOutlineTextMetricsW
GetPaletteEntries
GetObjectType
GetTextExtentPointW
FloodFill

user32

GetMessageExtraInfo
GetMenuState
GetPropW
IsZoomed
FrameRect
GetWindowTextLengthA
GetSysColor
GetDesktopWindow
DefMDIChildProcA
GetCapture
InsertMenuItemA
FillRect
GetUpdateRgn
LoadIconA
GetUserObjectInformationA
DeferWindowPos
DrawFrameControl

advapi32

DeregisterEventSource
GetOldestEventLogRecord
GetUserNameW
IsTextUnicode

secur32

GetComputerObjectNameW

shlwapi

wnsprintfW

clusapi

GetClusterResourceNetworkName

winspool.drv

FindFirstPrinterChangeNotification
GetPrinterDriverW

kernel32

lstrcmpA
GetModuleHandleA
GetBinaryTypeW
GetProfileIntW
GetPrivateProfileStructA
IsProcessInJob
EscapeCommFunction
WritePrivateProfileStructW
GetPrivateProfileStringW
GetCurrentActCtx
GlobalFindAtomW
GetAtomNameW
GetOverlappedResult
GetPrivateProfileIntA
GetWindowsDirectoryA
GetDriveTypeW
LocalLock
GetCurrentProcessId
GetSystemTimeAdjustment
GetUserDefaultLCID
GetModuleFileNameW
GetSystemWindowsDirectoryW

urlmon

MkParseDisplayNameEx

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33259202a22c25d002be697749eb957e

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

powrprof

oleaut32

gdi32

user32

advapi32

secur32

shlwapi

clusapi

winspool.drv

kernel32

urlmon

Sections

.text Size: 4KB - Virtual size: 3KB

.code Size: 12KB - Virtual size: 10KB

.adata Size: 8KB - Virtual size: 7KB

.rdata Size: 92KB - Virtual size: 90KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 980B

.text
Size: 4KB - Virtual size: 3KB

.code
Size: 12KB - Virtual size: 10KB

.adata
Size: 8KB - Virtual size: 7KB

.rdata
Size: 92KB - Virtual size: 90KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 980B