9b85754108c46043e9bbad491014f9f92fc748db717312d30f5371c7695716c4

Sharing

Copy URL Twitter E-mail

General

Target

9b85754108c46043e9bbad491014f9f92fc748db717312d30f5371c7695716c4
Size

3.6MB
MD5

8e1fa808624cf5d75b42a1ac436aa34a
SHA1

79e2ed0e1ce33e4d1583e8c8cd63307facd74362
SHA256

9b85754108c46043e9bbad491014f9f92fc748db717312d30f5371c7695716c4
SHA512

32e526f788649f65db63e73d52e27be698e6787eec8b2e1633c0c567235007ba05ccef41b91bd48d655a632cf84db57462fc61c10b2e57e865547fbf7712c230
SSDEEP

98304:9kdm1dELg3go4YawqXxFk0wA1H6e3bRynUg8xKd:F8VQYXxFk9kHjgWxKd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b85754108c46043e9bbad491014f9f92fc748db717312d30f5371c7695716c4

Files

9b85754108c46043e9bbad491014f9f92fc748db717312d30f5371c7695716c4
.exe windows x86

8ae2dcf545bd5a1ea82ebc8cb00c7070

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiOutUnprepareHeader

ws2_32

closesocket

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

kernel32

QueryPerformanceFrequency

user32

ScrollWindowEx

gdi32

CreateDCA

msimg32

TransparentBlt

winspool.drv

OpenPrinterA

comdlg32

GetSaveFileNameW

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

VariantClear

comctl32

ImageList_Destroy

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 2.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ae2dcf545bd5a1ea82ebc8cb00c7070

Headers

File Characteristics

Imports

iphlpapi

winmm

ws2_32

msvfw32

avifil32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

msvcrt

psapi

Sections

.text Size: 2.4MB - Virtual size: 5.4MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 116KB - Virtual size: 116KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 2.4MB - Virtual size: 5.4MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 116KB - Virtual size: 116KB

.sedata
Size: 4KB - Virtual size: 4KB