640821a8b500cd14d79f7ab2c7ab62a9bc2c24c1028fa8a482b588ea9234a81c

Sharing

Copy URL

Twitter E-mail

General

Target

640821a8b500cd14d79f7ab2c7ab62a9bc2c24c1028fa8a482b588ea9234a81c
Size

2.2MB
MD5

a5b20d2787f4e34ab8f7f10682bfeb7b
SHA1

ddab7d9be97cc3b3233895f261529c4b90c20a52
SHA256

640821a8b500cd14d79f7ab2c7ab62a9bc2c24c1028fa8a482b588ea9234a81c
SHA512

20851badb6039822faf008c8ea555adbd7b29399145fa37c5154630c22d23e5775d983164002150e1db9c76c3e7f7a072bee20d2b9379556f15232cd2981d78a
SSDEEP

49152:4ysjt0ExBDaT2/sxFzqVPTr9AWIhDDke5lcUj4JgfWRtR0+W:7ut0ExBuT2MgVFyWUjP8RE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
640821a8b500cd14d79f7ab2c7ab62a9bc2c24c1028fa8a482b588ea9234a81c

Files

640821a8b500cd14d79f7ab2c7ab62a9bc2c24c1028fa8a482b588ea9234a81c
.exe windows x86

b49df7001a25b3c6691c27ea2ef72ae6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

kernel32

SetCurrentDirectoryA

user32

GetCursorPos

gdi32

RestoreDC

winmm

waveOutRestart

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

wininet

HttpQueryInfoA

comdlg32

GetSaveFileNameA

msvcrt

__dllonexit

psapi

GetMappedFileNameW

Sections

.text
Size: 1.0MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b49df7001a25b3c6691c27ea2ef72ae6

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wininet

comdlg32

msvcrt

psapi

Sections

.text Size: 1.0MB - Virtual size: 1.8MB

.sedata Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.0MB - Virtual size: 1.8MB

.sedata
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.sedata
Size: 4KB - Virtual size: 4KB