332f87eedfec1d519402eddb2f1fce683ab0899c593f295feef487e4f90db5a7

Sharing

Copy URL Twitter E-mail

General

Target

332f87eedfec1d519402eddb2f1fce683ab0899c593f295feef487e4f90db5a7
Size

870KB
MD5

5434705c278c5e4c247d285dbf335550
SHA1

078e50cabfa7121c7278001d455ef14a2669b43d
SHA256

332f87eedfec1d519402eddb2f1fce683ab0899c593f295feef487e4f90db5a7
SHA512

ec7eb6284e157ea9930cacb7f8b0e878ebcb0503c56d73fe6c8f7a594636c4ec8e9d1549ac1a8833acd57cbc52e28dd380bbe3eb8749f9da4e426f0f1233d426
SSDEEP

24576:e2g00hzAMk9TIodiaHun4fHG9Y+VoBoJwEl4fHG9Y+VoBoJwq:e2XSuTZ7Hun4fm9Y+DwEl4fm9Y+Dwq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
332f87eedfec1d519402eddb2f1fce683ab0899c593f295feef487e4f90db5a7

Files

332f87eedfec1d519402eddb2f1fce683ab0899c593f295feef487e4f90db5a7
.exe windows x64

4e26fdf4e9ac1384826a88505b17e984

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

mfc100

ord12088

msvcr100

pow

user32

GetDC

gdi32

Pie

comdlg32

GetSaveFileNameA

advapi32

FreeSid

shell32

ShellExecuteA

comctl32

_TrackMouseEvent

ole32

CoInitialize

oleaut32

OleLoadPicture

gdiplus

GdiplusStartup

msvcp100

?_Xlength_error@std@@YAXPEBD@Z

vmprotectsdk64

VMProtectEnd

recdvd

ord28

readcore

ord11

googleana

ord14

vplaydll

ord4

hrburnapi

??1CHRBurnApi@@UEAA@XZ

reczip

ord2

addmenu

ord7

ts2bd

ord10

igcreate

ord8

odrcore

ord21

crypt

ord24

ws2_32

WSAStartup

winmm

PlaySoundA

advplug

ord3

wininet

InternetOpenA

setupapi

SetupDiGetClassDevsA

Sections

.MPRESS1
Size: 246KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e26fdf4e9ac1384826a88505b17e984

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mfc100

msvcr100

user32

gdi32

comdlg32

advapi32

shell32

comctl32

ole32

oleaut32

gdiplus

msvcp100

vmprotectsdk64

recdvd

readcore

googleana

vplaydll

hrburnapi

reczip

addmenu

ts2bd

igcreate

odrcore

crypt

ws2_32

winmm

advplug

wininet

setupapi

Sections

.MPRESS1 Size: 246KB - Virtual size: 1.6MB

.MPRESS2 Size: 4KB - Virtual size: 4KB

.rsrc Size: 619KB - Virtual size: 619KB

.MPRESS1
Size: 246KB - Virtual size: 1.6MB

.MPRESS2
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 619KB - Virtual size: 619KB