c2ffd4754a44e590deab7b75d66f71f0f0aa4acfc7a3ff06150f8f97817db651

Sharing

Copy URL Twitter E-mail

General

Target

c2ffd4754a44e590deab7b75d66f71f0f0aa4acfc7a3ff06150f8f97817db651
Size

14.2MB
MD5

9fb6d5b139867964d6694ba3b476bd60
SHA1

ab0b6155a1ae39c0ab4f499a6426fe73fe946328
SHA256

c2ffd4754a44e590deab7b75d66f71f0f0aa4acfc7a3ff06150f8f97817db651
SHA512

a293a59f4148447c6844381021bbcd71941d2dcd62f3fb7b12e957a16994598c3b706270894be5b2d637f34a9cce7dc238b351aa8b4fb0b75991e2211928d1d3
SSDEEP

196608:dqj+L77qYznYgVoK85mev3dprKpdqC7MRPOZC2Phdhd5TJUjyDBUG3sNVPlke:dUW7fYTK03mn57M6JdNDB8Vdk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2ffd4754a44e590deab7b75d66f71f0f0aa4acfc7a3ff06150f8f97817db651

Files

c2ffd4754a44e590deab7b75d66f71f0f0aa4acfc7a3ff06150f8f97817db651
.exe windows x86

bbe3c1b8a66dcfcad05d42e652b55760

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetConnectStatusA

kernel32

TerminateProcess

user32

RegisterClassA

gdi32

GetViewportExtEx

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegCreateKeyA

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

closesocket

wininet

InternetCanonicalizeUrlA

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 767KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 3.9MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbe3c1b8a66dcfcad05d42e652b55760

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wininet

comdlg32

Sections

.text Size: - Virtual size: 767KB

.rdata Size: - Virtual size: 2.3MB

.data Size: - Virtual size: 345KB

.rsrc Size: 112KB - Virtual size: 109KB

.svmp1 Size: - Virtual size: 3.9MB

.svmp2 Size: 5.2MB - Virtual size: 5.2MB

.svmp3 Size: 2.6MB - Virtual size: 2.6MB

.svmp4 Size: 5.8MB - Virtual size: 5.8MB

.svmp5 Size: 12KB - Virtual size: 11KB

.svmp6 Size: 432KB - Virtual size: 431KB

.text
Size: - Virtual size: 767KB

.rdata
Size: - Virtual size: 2.3MB

.data
Size: - Virtual size: 345KB

.rsrc
Size: 112KB - Virtual size: 109KB

.svmp1
Size: - Virtual size: 3.9MB

.svmp2
Size: 5.2MB - Virtual size: 5.2MB

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

.svmp5
Size: 12KB - Virtual size: 11KB

.svmp6
Size: 432KB - Virtual size: 431KB