b96069f11b8b48608540fe1d543d51bc4bedfbdbcd8098a4a1f95726741c8c51

Sharing

Copy URL Twitter E-mail

General

Target

b96069f11b8b48608540fe1d543d51bc4bedfbdbcd8098a4a1f95726741c8c51
Size

5.6MB
MD5

578d37df197d1616124d05be72904ad9
SHA1

5aa77b0964df9f39156ca00e18a25c32f5b9e61a
SHA256

b96069f11b8b48608540fe1d543d51bc4bedfbdbcd8098a4a1f95726741c8c51
SHA512

4391c163bf7033298eacfcf5963384e443877b8ac8dc2ccfa5d1ba74f610c4d38128f0a0e799379a513f1bf8638734b0eb99eb1b3931b479c2c4a7a117830d6e
SSDEEP

98304:LEwvis/uLF7wdy2YkwVbbVB5p078G4VNpMGKWPOBwXKCmtmEjfxxBXm3:5vif5JnbBW78dpMmOCXKCSjfxXXw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b96069f11b8b48608540fe1d543d51bc4bedfbdbcd8098a4a1f95726741c8c51

Files

b96069f11b8b48608540fe1d543d51bc4bedfbdbcd8098a4a1f95726741c8c51
.exe windows x64

8c6b63ccca9345d3c2242be17de998d3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

wsock32

__WSAFDIsSet

version

GetFileVersionInfoSizeW

winmm

timeGetTime

comctl32

ImageList_Remove

mpr

WNetCancelConnection2W

wininet

InternetReadFile

psapi

EnumProcesses

userenv

UnloadUserProfile

kernel32

HeapAlloc

user32

GetKeyboardLayoutNameW

gdi32

DeleteObject

comdlg32

GetSaveFileNameW

advapi32

RegEnumValueW

shell32

DragQueryPoint

ole32

OleSetMenuDescriptor

oleaut32

SafeArrayAllocData

iphlpapi

GetInterfaceInfo

msvcrt

_wcsnicmp

Sections

.text
Size: 406KB - Virtual size: 856KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c6b63ccca9345d3c2242be17de998d3

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

version

winmm

comctl32

mpr

wininet

psapi

userenv

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

iphlpapi

msvcrt

Sections

.text Size: 406KB - Virtual size: 856KB

.sedata Size: 1.8MB - Virtual size: 1.8MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 12KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 406KB - Virtual size: 856KB

.sedata
Size: 1.8MB - Virtual size: 1.8MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 12KB

.sedata
Size: 4KB - Virtual size: 4KB