f9145034e2376333c704a00c1f22ca241c652fabbe9478248823dbb0698011e1

Sharing

Copy URL Twitter E-mail

General

Target

f9145034e2376333c704a00c1f22ca241c652fabbe9478248823dbb0698011e1
Size

7.2MB
MD5

e28d42069764481e1cef4b3498f47ce6
SHA1

4cb4acb862cdffea5fda70627f75117a69b15fc8
SHA256

f9145034e2376333c704a00c1f22ca241c652fabbe9478248823dbb0698011e1
SHA512

10cfa8d6229ad5d3127fba32d71bfe9c7b83dfd3d5e93b7f26e78985653573cd0a917f885baa00637a26789cc23f38bca677049545cda0136ccf8a8407433ede
SSDEEP

196608:hkF6QRR7ZOuJvaXnLEvsEivx1c4kqrSHjHBxKPlUMUVN:hkF6QvQC8nLy5i5GdqGDhxKNUMg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9145034e2376333c704a00c1f22ca241c652fabbe9478248823dbb0698011e1

Files

f9145034e2376333c704a00c1f22ca241c652fabbe9478248823dbb0698011e1
.exe windows x86

213ceb0f302fede81a0b471291f66b96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

kernel32

GetVersionExA
GetVersion
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetCursorPos
CharUpperBuffW

gdi32

RestoreDC

winmm

waveOutRestart

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantClear

comctl32

ImageList_Destroy

ws2_32

gethostbyname

wininet

HttpQueryInfoA

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 836KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Fyz
Size: - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tSc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.%mM
Size: 7.2MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

213ceb0f302fede81a0b471291f66b96

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wininet

comdlg32

Sections

.text Size: - Virtual size: 836KB

.rdata Size: - Virtual size: 118KB

.data Size: - Virtual size: 328KB

.Fyz Size: - Virtual size: 4.3MB

.tSc Size: 4KB - Virtual size: 2KB

.%mM Size: 7.2MB - Virtual size: 7.1MB

.rsrc Size: 20KB - Virtual size: 17KB

.text
Size: - Virtual size: 836KB

.rdata
Size: - Virtual size: 118KB

.data
Size: - Virtual size: 328KB

.Fyz
Size: - Virtual size: 4.3MB

.tSc
Size: 4KB - Virtual size: 2KB

.%mM
Size: 7.2MB - Virtual size: 7.1MB

.rsrc
Size: 20KB - Virtual size: 17KB