0d60ac45f10f9a3194adeef9e97472d9cb5d91ec9452610eaa16db8a0055884a

Sharing

Copy URL Twitter E-mail

General

Target

0d60ac45f10f9a3194adeef9e97472d9cb5d91ec9452610eaa16db8a0055884a
Size

13.1MB
MD5

64ef59903e51df38cc9756bb762b6bdf
SHA1

e9e89e1efd2cdb1e3201b0d04bf10c34618e3590
SHA256

0d60ac45f10f9a3194adeef9e97472d9cb5d91ec9452610eaa16db8a0055884a
SHA512

b4cea9f344650975f5252af184b00b9ca85a07800739156fb84aabd9d43e022da462584f864c72766d52de31dbce0acfcf61c3c586d4100f189260a01c78f7ca
SSDEEP

196608:ZEGIm4MOYt6L8JgbztaQLK+lNbMGP+g38XCiQI5ReHiO/reW8X2y1/YMbwM4k8HU:ZEGxpBg3KS38SiH5EHiFceP4PKL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d60ac45f10f9a3194adeef9e97472d9cb5d91ec9452610eaa16db8a0055884a

Files

0d60ac45f10f9a3194adeef9e97472d9cb5d91ec9452610eaa16db8a0055884a
.exe windows x86

4228509ceb6c00958b5ca9859bdbc879

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetMenuItemInfoW

shell32

DragAcceptFiles

ole32

CoUninitialize

psapi

GetProcessImageFileNameW

shlwapi

StrToIntExW

wininet

InternetSetOptionA

gdi32

GetObjectA

gdiplus

GdipEndContainer

ws2_32

gethostbyname

atl

ord42

comctl32

InitCommonControlsEx

crypt32

CryptStringToBinaryW

uxtheme

SetWindowTheme

msimg32

AlphaBlend

oleaut32

VariantTimeToSystemTime

Sections

.text
Size: - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmps0
Size: - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmps1
Size: - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmps2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmps3
Size: 13.1MB - Virtual size: 13.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4228509ceb6c00958b5ca9859bdbc879

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

psapi

shlwapi

wininet

gdi32

gdiplus

ws2_32

atl

comctl32

crypt32

uxtheme

msimg32

oleaut32

Sections

.text Size: - Virtual size: 616KB

.rdata Size: - Virtual size: 21KB

.data Size: - Virtual size: 125KB

.vmps0 Size: - Virtual size: 848B

.vmps1 Size: - Virtual size: 7.4MB

.vmps2 Size: 4KB - Virtual size: 3KB

.vmps3 Size: 13.1MB - Virtual size: 13.1MB

.rsrc Size: 4KB - Virtual size: 834B

.text
Size: - Virtual size: 616KB

.rdata
Size: - Virtual size: 21KB

.data
Size: - Virtual size: 125KB

.vmps0
Size: - Virtual size: 848B

.vmps1
Size: - Virtual size: 7.4MB

.vmps2
Size: 4KB - Virtual size: 3KB

.vmps3
Size: 13.1MB - Virtual size: 13.1MB

.rsrc
Size: 4KB - Virtual size: 834B