ad5b19455c486fe5b2eb96a423b072d7aa82d7d7856b737d97f6bad2eae0c18b

Sharing

Copy URL Twitter E-mail

General

Target

ad5b19455c486fe5b2eb96a423b072d7aa82d7d7856b737d97f6bad2eae0c18b
Size

3.4MB
MD5

f6c7ade196aefca0de95c17414e5cb32
SHA1

fa160663484ea6a658de78f8177b3afe3864c447
SHA256

ad5b19455c486fe5b2eb96a423b072d7aa82d7d7856b737d97f6bad2eae0c18b
SHA512

da64455b78c910031c71baa6a382bd8ac8b4300a512b1dda561d9b8553dd23ff0a7502205edb8b2e113281e80fd44579ce47201db292795e4753f0960cfbe1e9
SSDEEP

49152:/ZxjjFjf7zLEc/hmhWdVnC97W7NfGvIk7PDYB6IqAP3pNF8vOnoA3:1Ec/Ah4RqFHkl3pNavOp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad5b19455c486fe5b2eb96a423b072d7aa82d7d7856b737d97f6bad2eae0c18b

Files

ad5b19455c486fe5b2eb96a423b072d7aa82d7d7856b737d97f6bad2eae0c18b
.exe windows x86

0ac175c79abe252e70c79a7bc77960f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

winmm

midiStreamClose

ws2_32

getsockname

kernel32

GetVersion

user32

LoadStringA

gdi32

RoundRect

msimg32

GradientFill

winspool.drv

OpenPrinterA

comdlg32

ChooseColorA

advapi32

RegQueryValueExA

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromProgID

oleaut32

RegisterTypeLi

comctl32

ord17

wldap32

ord29

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 2.3MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmps
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmps
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ac175c79abe252e70c79a7bc77960f7

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wldap32

msvcrt

iphlpapi

psapi

Sections

.text Size: 2.3MB - Virtual size: 6.0MB

.vmps Size: 1.0MB - Virtual size: 1.0MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 16KB

.vmps Size: 4KB - Virtual size: 4KB

.text
Size: 2.3MB - Virtual size: 6.0MB

.vmps
Size: 1.0MB - Virtual size: 1.0MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 16KB

.vmps
Size: 4KB - Virtual size: 4KB