297b70fbc960749559b54f6f4ff88c867ec124a6b4f6f2c651080290f26343d9

Sharing

Copy URL Twitter E-mail

General

Target

297b70fbc960749559b54f6f4ff88c867ec124a6b4f6f2c651080290f26343d9
Size

10.1MB
MD5

f2777726845da5e756cc1c9ecd95292f
SHA1

27a3008a8b49f68124b5578bfcee15ca645d43c3
SHA256

297b70fbc960749559b54f6f4ff88c867ec124a6b4f6f2c651080290f26343d9
SHA512

dc255f8c5977674eaf57cd344a65fe9820473a1fdcd02253914137aa2d3dc26cad73a994821cd1552f6652ef4495ef3c993c18f36148aba905e2bb91f8de637c
SSDEEP

196608:zVpvFNkVHaJpRT+GvC+JKxJUYlMKJ/SxtkekefYiAYGS5G9tmboCkpPOMp03bog:IqpRTd6+JxYlJ/AtkbefqnS5GHPOMpY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
297b70fbc960749559b54f6f4ff88c867ec124a6b4f6f2c651080290f26343d9

Files

297b70fbc960749559b54f6f4ff88c867ec124a6b4f6f2c651080290f26343d9
.exe windows x86

aead9ba8dd2d4fee84de63f84b0106c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

PlaySoundW

wininet

FindFirstUrlCacheEntryW

winspool.drv

DocumentPropertiesW

comdlg32

GetSaveFileNameW

comctl32

ImageList_GetImageInfo

ws2_32

send

shell32

ExtractIconW

user32

CopyImage

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

CloseServiceHandle

netapi32

NetWkstaGetInfo

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

SetFileAttributesW

ole32

OleRegEnumVerbs

gdi32

AddFontMemResourceEx

psapi

GetMappedFileNameW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 8.7MB - Virtual size: 19.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aead9ba8dd2d4fee84de63f84b0106c6

Headers

File Characteristics

Imports

winmm

wininet

winspool.drv

comdlg32

comctl32

ws2_32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

ole32

gdi32

psapi

Exports

Exports

Sections

.text Size: 8.7MB - Virtual size: 19.2MB

.text Size: 1.4MB - Virtual size: 1.4MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 16KB

.text Size: 4KB - Virtual size: 4KB

.text
Size: 8.7MB - Virtual size: 19.2MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB