10b62737f7307e9654863a65e534c900f04d6e940ec5a3516fd12674418dbc9a

Sharing

Copy URL Twitter E-mail

General

Target

10b62737f7307e9654863a65e534c900f04d6e940ec5a3516fd12674418dbc9a
Size

6.9MB
MD5

be05f3f5639d486543e824862345fbea
SHA1

ca8d67d26b8065e58bdf693957743928ee8fbf5f
SHA256

10b62737f7307e9654863a65e534c900f04d6e940ec5a3516fd12674418dbc9a
SHA512

4c2c4f90d961eabb1e3d639825291d67f4b09d8fda4b304b81613c144f0aba22d87bb9b21507b12bfe8355603b92dcbd58cd4330186b25ea8e8caaf86f61045f
SSDEEP

196608:rtfXHsUz2GSBJUEEFG8ch29Oyne25/SVPqHsKmjWxQ2:rhXNeBqNcI9ReL7/CxQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10b62737f7307e9654863a65e534c900f04d6e940ec5a3516fd12674418dbc9a

Files

10b62737f7307e9654863a65e534c900f04d6e940ec5a3516fd12674418dbc9a
.exe windows x86

2895339aed2a9947aeebbd92eabab538

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

OpenClipboard
CharUpperBuffW

gdi32

ScaleWindowExtEx

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

RegisterTypeLi

comctl32

ImageList_Read

ws2_32

ioctlsocket

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gNA
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.HBb
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.@P.
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2895339aed2a9947aeebbd92eabab538

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 602KB

.data Size: - Virtual size: 183KB

.gNA Size: - Virtual size: 3.8MB

.HBb Size: 4KB - Virtual size: 2KB

.@P. Size: 6.9MB - Virtual size: 6.9MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 602KB

.data
Size: - Virtual size: 183KB

.gNA
Size: - Virtual size: 3.8MB

.HBb
Size: 4KB - Virtual size: 2KB

.@P.
Size: 6.9MB - Virtual size: 6.9MB

.rsrc
Size: 8KB - Virtual size: 5KB