1204fe3a6070c71eaa92d2d96515fd148835ea1f122da4d50191dc65a2fa89ab

Sharing

Copy URL Twitter E-mail

General

Target

1204fe3a6070c71eaa92d2d96515fd148835ea1f122da4d50191dc65a2fa89ab
Size

1.6MB
MD5

8dd4a671d1e525082e7dd3d44fba0d83
SHA1

9cdda820afe00d5b36598ff94843ac00ed720f51
SHA256

1204fe3a6070c71eaa92d2d96515fd148835ea1f122da4d50191dc65a2fa89ab
SHA512

162cd9d17ffc7b103e4d876563b406eed740b8d693cdca414d9e33aa993b710c43fafb587c697bd075dfeec5d9ed0f8e694c2b0d71821ed4024d423d7310224e
SSDEEP

49152:4IFMq+r04ezw4IQ5eQW/0zWsnK3pnpuzkpuC5vP:zBUleVpmwWv3BYApxP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1204fe3a6070c71eaa92d2d96515fd148835ea1f122da4d50191dc65a2fa89ab

Files

1204fe3a6070c71eaa92d2d96515fd148835ea1f122da4d50191dc65a2fa89ab
.dll windows x86

c61301b4f7ad77e36e7eea1bd2f54a24

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutPause

ws2_32

gethostname

kernel32

MultiByteToWideChar

user32

LoadImageA

gdi32

OffsetViewportOrgEx

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

DragQueryFileA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

odbc32

ord12

comctl32

ImageList_Add

comdlg32

GetOpenFileNameA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

rimer

Sections

.text
Size: 488KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c61301b4f7ad77e36e7eea1bd2f54a24

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

odbc32

comctl32

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 488KB - Virtual size: 1.3MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 488KB - Virtual size: 1.3MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB