68a910bbe8689c6e809953bf8d7f03612cec7dac5a991c201bf5098390cdea2e

Sharing

Copy URL

Twitter E-mail

General

Target

68a910bbe8689c6e809953bf8d7f03612cec7dac5a991c201bf5098390cdea2e
Size

2.5MB
MD5

dfe4350570f1410ad72b864cd8fc988b
SHA1

5e1720aef0fd79b3f4f2217702844b3dd58a521b
SHA256

68a910bbe8689c6e809953bf8d7f03612cec7dac5a991c201bf5098390cdea2e
SHA512

3e176bd447be150847d6241df9ccd5c7fa97e562cadad96d40e62b3287baeadf12b5d20b94eb736d82fc592722139650f42fd5b95c32a46a39f798f99f29fc53
SSDEEP

49152:1YTUg6/Pj8fqgqfhrM0t2JJ5y3xDM199uTypmNdth1ex8PScHS3IOh:1YTUHj8DqfJMb5kw19KndtTexFLYa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68a910bbe8689c6e809953bf8d7f03612cec7dac5a991c201bf5098390cdea2e

Files

68a910bbe8689c6e809953bf8d7f03612cec7dac5a991c201bf5098390cdea2e
.exe windows x86

a6ef601aa5627cc77124ef914c77ba5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime

kernel32

GetCurrentThread

user32

ChangeDisplaySettingsA

gdi32

CreateCompatibleDC

shlwapi

PathFileExistsA

wininet

InternetCloseHandle

dbghelp

StackWalk

dsound

ord1

ddraw

DirectDrawCreate

directnetclient

?CreateInstance@iDirectNetClient@@SAPAV1@XZ

iphlpapi

GetAdaptersInfo

advapi32

RegSetValueExA

shell32

ShellExecuteA

ole32

StgCreateDocfileOnILockBytes

msvcrt

strncpy

psapi

GetMappedFileNameW

Exports

Exports

GetLocalMac
WriteGuidFile

Sections

.text
Size: 1.6MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6ef601aa5627cc77124ef914c77ba5d

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

shlwapi

wininet

dbghelp

dsound

ddraw

directnetclient

iphlpapi

advapi32

shell32

ole32

msvcrt

psapi

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 6.5MB

.sedata Size: 872KB - Virtual size: 872KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.6MB - Virtual size: 6.5MB

.sedata
Size: 872KB - Virtual size: 872KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB