90701a3781f6aece6aaf1d3605a02eedf159c9ae5ca685ded71b19bdfff20636[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

90701a3781f6aece6aaf1d3605a02eedf159c9ae5ca685ded71b19bdfff20636.exe
Size

123KB
MD5

7c98c0878b33e3987cc2e9d66344605e
SHA1

83356419aaba4d4676146938afd057cfe3441ae9
SHA256

90701a3781f6aece6aaf1d3605a02eedf159c9ae5ca685ded71b19bdfff20636
SHA512

de65e076140991bddb3e220fd24be12dd9974ac0fbd06da70db6b21f3cd7d618ccbde54a2a9f6cd7e72fb9968ef939ab2dae3494b5d6a74278fe89a7d4c196bd
SSDEEP

3072:D8q8/KGHNOMZXJEEOvd44Ts2ktrAN9j3gli0B0vHs7y5uoRz4s:Dr8/KCXEEQd4oErAN9cPEZ5B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90701a3781f6aece6aaf1d3605a02eedf159c9ae5ca685ded71b19bdfff20636.exe

Files

90701a3781f6aece6aaf1d3605a02eedf159c9ae5ca685ded71b19bdfff20636.exe
.exe windows:4 windows x86 arch:x86

99a2a9851c25f027c550576d5ab6371d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_except_handler3

shell32

SHGetSpecialFolderPathW

oleaut32

VariantChangeType
VarDateFromUdate
VarRound
RegisterActiveObject
VarUI1FromDec
RegisterTypeLi
SafeArrayGetVartype
SafeArraySetIID
LHashValOfNameSys
VarDateFromDec
VarR8FromDec
SafeArrayGetElemsize
VarDiv
VarBstrFromBool
VarI4FromDec
VarR8FromUI2
SafeArraySetRecordInfo
VarCyRound
VarCyMulI4
VarI2FromDisp
VarI1FromDate
VarDecRound
VarXor
VarI1FromR4
VarAdd
VarBstrFromR4
VarI2FromI4
VarUI4FromR8
VarR4CmpR8
VarCyFromUI2
VarI4FromUI1
VarR4FromR8
VarDecFromDisp
SysStringLen
VarSu
VarBoolFromI1
VarUI4FromBool
GetRecordInfoFromGuids
VarI4FromDisp
SafeArrayGetRecordInfo
VarDecFromR8
BSTR_UserUnmarshal
VarBoolFromR4
VarI1FromUI2
VarI4FromI1
VarBstrFromUI2
VarUI4FromI2
ClearCustData
SafeArrayGetUBound

winspool.drv

SetPrinterDataExW
DeleteMonitorA
EnumPortsA
EnumPrinterKeyW
DeleteFormA
SetPrinterA
FindFirstPrinterChangeNotification
DeviceCapabilitiesW
GetPrinterDataA
DocumentPropertiesA
DeletePrinterKeyW
EnumPrintersW
GetPrinterDriverDirectoryW
DeletePrinterDriverA
EnumJobsA
ConfigurePortW
GetPrinterDataW
DeletePrinterDriverExW
EnumMonitorsW
OpenPrinterW
AddPortA
EnumPrinterKeyA
EnumPrintProcessorDatatypesW
GetPrinterDriverW
DeletePrintProvidorW
GetFormA
EnumPortsW
WaitForPrinterChange
AddPrinterDriverA
EndDocPrinter
GetPrintProcessorDirectoryA
GetPrintProcessorDirectoryW
ConnectToPrinterDlg
PrinterMessageBoxA
EnumFormsW
DeletePortW
AddMonitorA
SetFormA
PrinterProperties
GetPrinterDriverDirectoryA
SetPrinterW
FindClosePrinterChangeNotification
AddJobW
DeletePrinterDataW
DeletePrinter
EnumMonitorsA
AddFormA
EnumPrintProcessorsA
AddPortW
AddJobA
AdvancedDocumentPropertiesA
SetPortW
FreePrinterNotifyInfo
SetPrinterDataW
ConfigurePortA
DeletePrinterConnectionW
AddPrinterDriverExA
DeletePrinterConnectionA
DeletePrinterDataA
AddMonitorW
ClosePrinter
EnumPrinterDriversA
AddPrinterDriverW
OpenPrinterA
SetPrinterDataA
XcvDataW
GetJobW
DeletePrintProcessorW
ReadPrinter
SetPrinterDataExA
DeletePrintProcessorA
AbortPrinter
DeletePrintProvidorA
DeleteMonitorW
DeviceCapabilitiesA
EnumPrintersA
SetJobA
ResetPrinterW
DeletePrinterDataExW
DeletePrinterKeyA
WritePrinter
AddPrintProcessorA
StartPagePrinter
ResetPrinterA
GetPrinterW
DeletePrinterDriverExA
AddPrintProvidorA
ScheduleJob
GetPrinterDriverA
AdvancedDocumentPropertiesW
GetJobA
DeletePrinterDriverW
DocumentPropertiesW
AddPrinterConnectionW
SetPortA
GetPrinterDataExA
AddPrintProcessorW
EndPagePrinter
AddPrinterConnectionA
GetPrinterDataExW
DeleteFormW
EnumFormsA
AddPrinterDriverExW
EnumPrintProcessorsW
GetFormW
EnumPrinterDataExW
AddPrinterA
EnumPrinterDataA
GetPrinterA
StartDocPrinterA
DeletePrinterDataExA
SetJobW
FindNextPrinterChangeNotification
AddPrintProvidorW
StartDocPrinterW
EnumPrinterDataW
DeletePortA
AddPrinterW
EnumPrintProcessorDatatypesA

comdlg32

ChooseFontA
GetOpenFileNameA

comctl32

ImageList_Add
FlatSB_GetScrollRange
FlatSB_SetScrollPos
ImageList_ReplaceIcon
CreatePropertySheetPageW
ImageList_Draw
ImageList_SetDragCursorImage
ImageList_LoadImageA
ImageList_GetIconSize
ImageList_DragEnter
FlatSB_GetScrollPos
ord16
_TrackMouseEvent
ord14
ImageList_AddMasked
ord6

rpcrt4

RpcAsyncInitializeHandle

ole32

SNB_UserFree
STGMEDIUM_UserSize
CoMarshalHresult
PropVariantCopy

kernel32

GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99a2a9851c25f027c550576d5ab6371d

Headers

File Characteristics

Imports

msvcrt

shell32

oleaut32

winspool.drv

comdlg32

comctl32

rpcrt4

ole32

kernel32

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 43KB - Virtual size: 43KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 43KB - Virtual size: 43KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 3KB - Virtual size: 2KB