ffe4d9b90cbc7adbe3443043013364e860c874659b15e326e1193832239f0064

Sharing

Copy URL Twitter E-mail

General

Target

ffe4d9b90cbc7adbe3443043013364e860c874659b15e326e1193832239f0064
Size

7.4MB
MD5

327ad290da650246a572d07ac42125e4
SHA1

c4f34b44210ccb156b7c9fe8023dce8ba333323c
SHA256

ffe4d9b90cbc7adbe3443043013364e860c874659b15e326e1193832239f0064
SHA512

d06348598d2292f2e966834ae98774243bc2b037ecefa1c57e2a2e86a1a90cbc36f03b90cee477d5f5462792bf242a8cc06812797632300ebfd89fe97abb320e
SSDEEP

196608:pqGn/L2qu6Dz/dvRdoy9A7egt3BJKC7xeMg0/+6:x/LruIG+ALRPee26

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffe4d9b90cbc7adbe3443043013364e860c874659b15e326e1193832239f0064

Files

ffe4d9b90cbc7adbe3443043013364e860c874659b15e326e1193832239f0064
.exe windows x86

a34518b289a12dce1244e2f111182ce6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiOutReset

ws2_32

recvfrom

rasapi32

RasGetConnectStatusA

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SendDlgItemMessageA
CharUpperBuffW

gdi32

RoundRect

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegOpenKeyA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

LoadTypeLi

comctl32

ord17

wininet

HttpQueryInfoA

Sections

.text
Size: - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.E3U
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.e+&
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.J^4
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a34518b289a12dce1244e2f111182ce6

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: - Virtual size: 796KB

.rdata Size: - Virtual size: 1.0MB

.data Size: - Virtual size: 492KB

.E3U Size: - Virtual size: 3.8MB

.e+& Size: 4KB - Virtual size: 2KB

.J^4 Size: 7.4MB - Virtual size: 7.4MB

.rsrc Size: 16KB - Virtual size: 12KB

.text
Size: - Virtual size: 796KB

.rdata
Size: - Virtual size: 1.0MB

.data
Size: - Virtual size: 492KB

.E3U
Size: - Virtual size: 3.8MB

.e+&
Size: 4KB - Virtual size: 2KB

.J^4
Size: 7.4MB - Virtual size: 7.4MB

.rsrc
Size: 16KB - Virtual size: 12KB