629a97650463166af00b4f805ea984092836c3793dc4086b1ea4a7e8474f0b27

Sharing

Copy URL Twitter E-mail

General

Target

629a97650463166af00b4f805ea984092836c3793dc4086b1ea4a7e8474f0b27
Size

13.4MB
MD5

e970a56b0a2f826e12ee5114123fd428
SHA1

126343ce5dcfcb754cd49159be22d90f359dade9
SHA256

629a97650463166af00b4f805ea984092836c3793dc4086b1ea4a7e8474f0b27
SHA512

4472cf25e98099c5734135e8e90c4bf72f6e3f5528a7dc800977a7e6321647d410c48a7710d2c128fbb37e7965a1d8055d87283759cb9bdd9d108b1c259d7d42
SSDEEP

393216:EWXcaimKjk+LheAmTP9Ga5uSXFeO9Qup8y:E0Ky+teVP4a57Xay

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
629a97650463166af00b4f805ea984092836c3793dc4086b1ea4a7e8474f0b27

Files

629a97650463166af00b4f805ea984092836c3793dc4086b1ea4a7e8474f0b27
.exe windows x86

af42bdb21f1ee0d364d411d2c86170e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

rasapi32

RasHangUpA

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetFocus
CharUpperBuffW

gdi32

LineTo

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

DragQueryFileA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetIcon

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Sections

NiMaSiLe
Size: - Virtual size: 966KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

NiMaSiLe
Size: - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

NiMaSiLe
Size: - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NiMaSiLe
Size: - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

NiMaSiLe
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NiMaSiLe
Size: 11.1MB - Virtual size: 11.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NiMaSiLe
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

NiMaSiLe
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

NiMaSiLe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

NiMaSiLe
Size: 552KB - Virtual size: 550KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

NiMaSiLe
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

af42bdb21f1ee0d364d411d2c86170e6

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

Sections

NiMaSiLe Size: - Virtual size: 966KB

NiMaSiLe Size: - Virtual size: 6.3MB

NiMaSiLe Size: - Virtual size: 360KB

NiMaSiLe Size: - Virtual size: 6.3MB

NiMaSiLe Size: 4KB - Virtual size: 2KB

NiMaSiLe Size: 11.1MB - Virtual size: 11.0MB

NiMaSiLe Size: 72KB - Virtual size: 69KB

NiMaSiLe Size: 1.7MB - Virtual size: 1.7MB

NiMaSiLe Size: 4KB - Virtual size: 4KB

NiMaSiLe Size: 552KB - Virtual size: 550KB

NiMaSiLe Size: 72KB - Virtual size: 69KB

NiMaSiLe
Size: - Virtual size: 966KB

NiMaSiLe
Size: - Virtual size: 6.3MB

NiMaSiLe
Size: - Virtual size: 360KB

NiMaSiLe
Size: - Virtual size: 6.3MB

NiMaSiLe
Size: 4KB - Virtual size: 2KB

NiMaSiLe
Size: 11.1MB - Virtual size: 11.0MB

NiMaSiLe
Size: 72KB - Virtual size: 69KB

NiMaSiLe
Size: 1.7MB - Virtual size: 1.7MB

NiMaSiLe
Size: 4KB - Virtual size: 4KB

NiMaSiLe
Size: 552KB - Virtual size: 550KB

NiMaSiLe
Size: 72KB - Virtual size: 69KB