493884b98cf4eab4ea5f81e539cf09663d368ca098273860a57f34a429150005

Sharing

Copy URL Twitter E-mail

General

Target

493884b98cf4eab4ea5f81e539cf09663d368ca098273860a57f34a429150005
Size

11.8MB
MD5

97bbf8abaed20efd9415ec8627e4ad47
SHA1

9fb87b4bb535ec1c2cb47d9de3fbc10c1b9ef0c6
SHA256

493884b98cf4eab4ea5f81e539cf09663d368ca098273860a57f34a429150005
SHA512

90728ca02132387088847064ac49dfee11a553f16f6b3e0650833cf4941e13ef2afec2da57a4eb779108dbb3511d6c8d16213c4b1e65c2fe683482a41438390d
SSDEEP

98304:B2RlWeCw1yTYzeY5Qe20IKMMkQ1OxPrQKpOKUa4Yd9XmZES7QSPCIxOZop92O1+W:IpU+BHIKnr4sKpdqC7MRPOZ4YKt8W4l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
493884b98cf4eab4ea5f81e539cf09663d368ca098273860a57f34a429150005

Files

493884b98cf4eab4ea5f81e539cf09663d368ca098273860a57f34a429150005
.exe windows x86

6220223d81ded15780345b4457eba2bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

winmm

midiOutPrepareHeader

ws2_32

inet_ntoa

kernel32

SetFilePointer

user32

SetMenuItemBitmaps

gdi32

CreateSolidBrush

winspool.drv

ClosePrinter

comdlg32

ChooseColorA

advapi32

RegQueryValueA

shell32

SHBrowseForFolderA

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetLBound

comctl32

ord17

wininet

InternetCloseHandle

Sections

.text
Size: - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 3.9MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 384KB - Virtual size: 383KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6220223d81ded15780345b4457eba2bc

Headers

File Characteristics

Imports

rasapi32

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: - Virtual size: 684KB

.rdata Size: - Virtual size: 103KB

.data Size: - Virtual size: 385KB

.rsrc Size: 24KB - Virtual size: 23KB

.svmp1 Size: - Virtual size: 3.9MB

.svmp2 Size: 3.6MB - Virtual size: 3.6MB

.svmp3 Size: 2.5MB - Virtual size: 2.5MB

.svmp4 Size: 5.3MB - Virtual size: 5.3MB

.svmp5 Size: 12KB - Virtual size: 10KB

.svmp6 Size: 384KB - Virtual size: 383KB

.text
Size: - Virtual size: 684KB

.rdata
Size: - Virtual size: 103KB

.data
Size: - Virtual size: 385KB

.rsrc
Size: 24KB - Virtual size: 23KB

.svmp1
Size: - Virtual size: 3.9MB

.svmp2
Size: 3.6MB - Virtual size: 3.6MB

.svmp3
Size: 2.5MB - Virtual size: 2.5MB

.svmp4
Size: 5.3MB - Virtual size: 5.3MB

.svmp5
Size: 12KB - Virtual size: 10KB

.svmp6
Size: 384KB - Virtual size: 383KB