071f9a10c70bf99bd7a1d5726cab5a43164500ef761d499fac68f6475cd4b382

Sharing

Copy URL Twitter E-mail

General

Target

071f9a10c70bf99bd7a1d5726cab5a43164500ef761d499fac68f6475cd4b382
Size

3.0MB
MD5

576f3313b3d3a07da29882ff1bcfa584
SHA1

5422f9622cf8ad09e38473a253ec7cb0f91f954b
SHA256

071f9a10c70bf99bd7a1d5726cab5a43164500ef761d499fac68f6475cd4b382
SHA512

76c9ea74d20a0797d9edba7af413cca1ebbc82e8972ff0be7ace83766d960c495d07c3ca50fe0cc0c8829960dcefc5ff6c9643456c5ddc447041bd7ca31811c5
SSDEEP

49152:2xlXvOSNdLzdHxI5ByzNaHjHvCFf0dI0H3AzL5d4dgWWFBF:S1vOSzXdS4zRdx4G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
071f9a10c70bf99bd7a1d5726cab5a43164500ef761d499fac68f6475cd4b382

Files

071f9a10c70bf99bd7a1d5726cab5a43164500ef761d499fac68f6475cd4b382
.dll windows x86

74123393721eb7d89289ef55b87121ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

winmm

midiStreamClose

ws2_32

WSACleanup

rasapi32

RasHangUpA

kernel32

ExitProcess
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

ChildWindowFromPointEx

gdi32

CreateRectRgnIndirect

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

LoadTypeLi

comctl32

ImageList_Destroy

wininet

HttpOpenRequestA

comdlg32

GetFileTitleA

Exports

Exports

CInit
CUnInit

Sections

.text
Size: 784KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 140KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 118KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

74123393721eb7d89289ef55b87121ad

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

Exports

Exports

Sections

.text Size: 784KB - Virtual size: 788KB

.rdata Size: 1.7MB - Virtual size: 1.7MB

.data Size: 140KB - Virtual size: 404KB

.text0 Size: 314KB - Virtual size: 316KB

.text1 Size: 118KB - Virtual size: 120KB

.reloc Size: 48KB - Virtual size: 48KB

.rsrc Size: 13KB - Virtual size: 16KB

.aspack Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 784KB - Virtual size: 788KB

.rdata
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 140KB - Virtual size: 404KB

.text0
Size: 314KB - Virtual size: 316KB

.text1
Size: 118KB - Virtual size: 120KB

.reloc
Size: 48KB - Virtual size: 48KB

.rsrc
Size: 13KB - Virtual size: 16KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB