cece5c2def97e9942db3b95fcfc0b26a5c38eb74e13a1f2c6a99be93224b8695

Sharing

Copy URL Twitter E-mail

General

Target

cece5c2def97e9942db3b95fcfc0b26a5c38eb74e13a1f2c6a99be93224b8695
Size

12.6MB
MD5

93debc2ec0f18b60455039932aedd6a7
SHA1

15762e8c3c014c4b0c02f7c718b070c681758cd6
SHA256

cece5c2def97e9942db3b95fcfc0b26a5c38eb74e13a1f2c6a99be93224b8695
SHA512

cbf34a9fa8a39265d8e4f41e5086c83ed13a830485b4987917f86284c1ad29c4c4bbf5bf99190f783328a278d856cf1c745516666143d2a0298b3147bca5dce1
SSDEEP

393216:KkArData33PyPn57M9/vQM19DCFn9zVqLb:KdrDPnKPn5mQMDqntMf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cece5c2def97e9942db3b95fcfc0b26a5c38eb74e13a1f2c6a99be93224b8695

Files

cece5c2def97e9942db3b95fcfc0b26a5c38eb74e13a1f2c6a99be93224b8695
.exe windows x86

a3a46228aa2d8e257c3a4b018d75d146

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

winmm

midiStreamRestart

ws2_32

inet_ntoa

version

VerLanguageNameA

rasapi32

RasHangUpA

kernel32

TerminateProcess

user32

LoadStringA

gdi32

RoundRect

winspool.drv

DocumentPropertiesA

comdlg32

ChooseColorA

advapi32

RegCloseKey

shell32

SHEmptyRecycleBinA

ole32

OleInitialize

oleaut32

LoadTypeLi

comctl32

ord17

wininet

InternetCloseHandle

Sections

.text
Size: - Virtual size: 897KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 3.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 384KB - Virtual size: 382KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3a46228aa2d8e257c3a4b018d75d146

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

version

rasapi32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: - Virtual size: 897KB

.rdata Size: - Virtual size: 364KB

.data Size: - Virtual size: 548KB

.rsrc Size: 96KB - Virtual size: 92KB

.svmp1 Size: - Virtual size: 3.7MB

.svmp2 Size: 3.7MB - Virtual size: 3.7MB

.svmp3 Size: 2.6MB - Virtual size: 2.6MB

.svmp4 Size: 5.8MB - Virtual size: 5.8MB

.svmp5 Size: 12KB - Virtual size: 11KB

.svmp6 Size: 384KB - Virtual size: 382KB

.text
Size: - Virtual size: 897KB

.rdata
Size: - Virtual size: 364KB

.data
Size: - Virtual size: 548KB

.rsrc
Size: 96KB - Virtual size: 92KB

.svmp1
Size: - Virtual size: 3.7MB

.svmp2
Size: 3.7MB - Virtual size: 3.7MB

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

.svmp5
Size: 12KB - Virtual size: 11KB

.svmp6
Size: 384KB - Virtual size: 382KB