349c2d8dd6fee53a405c6b633fe3d0ffda42bfd028e8a1d93b20700a76f0426d

Sharing

Copy URL Twitter E-mail

General

Target

349c2d8dd6fee53a405c6b633fe3d0ffda42bfd028e8a1d93b20700a76f0426d
Size

11.3MB
MD5

4376e318168c4e83253ba17d9f066bb9
SHA1

8a169314d542b041cbf9e7b4daa1791eac2cb5fa
SHA256

349c2d8dd6fee53a405c6b633fe3d0ffda42bfd028e8a1d93b20700a76f0426d
SHA512

7dd16b2ae0213e0ca141d797b84aec70acea3fe8d5e1c85ddc4c43951813548aa956819c6759521b4bd3e76b51f84f9194f607500abfb1158d8f0d4c5a82e4dc
SSDEEP

196608:EKstIO/D2BR8ZfNIi4ZWw/t7+3h6r94Jmzsjj9fKxddx/2fbKRtdAo8g4+Snm9kC:tzBREai4ZWt3hcvz0pf212fbjrgdugkn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
349c2d8dd6fee53a405c6b633fe3d0ffda42bfd028e8a1d93b20700a76f0426d

Files

349c2d8dd6fee53a405c6b633fe3d0ffda42bfd028e8a1d93b20700a76f0426d
.exe windows x86

e25ab5d509e1a188bc7edbd53cee4bb9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutPrepareHeader

ws2_32

WSACleanup

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

LoadStringA
CharUpperBuffW

gdi32

CreateDCA

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ord17

Sections

.text
Size: - Virtual size: 689KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 643KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.X]+
Size: - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

..?+
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.W|$
Size: 11.2MB - Virtual size: 11.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e25ab5d509e1a188bc7edbd53cee4bb9

Headers

File Characteristics

Imports

winmm

ws2_32

msvfw32

avifil32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: - Virtual size: 689KB

.rdata Size: - Virtual size: 4.5MB

.data Size: - Virtual size: 643KB

.X]+ Size: - Virtual size: 4.2MB

..?+ Size: 4KB - Virtual size: 2KB

.W|$ Size: 11.2MB - Virtual size: 11.2MB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: - Virtual size: 689KB

.rdata
Size: - Virtual size: 4.5MB

.data
Size: - Virtual size: 643KB

.X]+
Size: - Virtual size: 4.2MB

..?+
Size: 4KB - Virtual size: 2KB

.W|$
Size: 11.2MB - Virtual size: 11.2MB

.rsrc
Size: 72KB - Virtual size: 68KB