386019d46e8031f885f329ef619fe9f17388bd595942d8ab4d65263a77539896

Sharing

Copy URL Twitter E-mail

General

Target

386019d46e8031f885f329ef619fe9f17388bd595942d8ab4d65263a77539896
Size

9.9MB
MD5

06aaad98be8fe25454d92b4deab8ec62
SHA1

326e186f45057b254c349457cd0ea3724c23fd52
SHA256

386019d46e8031f885f329ef619fe9f17388bd595942d8ab4d65263a77539896
SHA512

be1761b01163399f2561e3b47860cfb35a1f70adbe8753096b5c722a902801b2a95d7cde1ca538a133d68c7598c8c4c31d8847ff9d52533295815c276219d530
SSDEEP

196608:ShWChVWotzGzhmquL4/0BEswxuKXWV//WvYY1qreV9Tk5YYXcu3Wt:ahsotcK4sTZPtA9eYWY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
386019d46e8031f885f329ef619fe9f17388bd595942d8ab4d65263a77539896

Files

386019d46e8031f885f329ef619fe9f17388bd595942d8ab4d65263a77539896
.exe windows x86

543e07ed8090669354ad09d64b75f78d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

sndPlaySoundW

oleacc

LresultFromObject

wininet

FindFirstUrlCacheEntryW

winspool.drv

DocumentPropertiesW

comdlg32

GetSaveFileNameW

comctl32

ImageList_GetImageInfo

ws2_32

send

shell32

ExtractIconW

user32

CopyImage

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

RegSetValueExW

netapi32

NetWkstaGetInfo

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

SetFileAttributesW

ole32

OleRegEnumVerbs

gdi32

AddFontMemResourceEx

psapi

GetMappedFileNameW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 8.5MB - Virtual size: 19.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

543e07ed8090669354ad09d64b75f78d

Headers

File Characteristics

Imports

winmm

oleacc

wininet

winspool.drv

comdlg32

comctl32

ws2_32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

ole32

gdi32

psapi

Exports

Exports

Sections

.text Size: 8.5MB - Virtual size: 19.2MB

.text Size: 1.4MB - Virtual size: 1.4MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 16KB

.text Size: 4KB - Virtual size: 4KB

.text
Size: 8.5MB - Virtual size: 19.2MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB