549f35ae04b2340ae545ebcb80b06e2c2acdfb8779c740e82bb64a9ec9c894e3

Sharing

Copy URL

Twitter E-mail

General

Target

549f35ae04b2340ae545ebcb80b06e2c2acdfb8779c740e82bb64a9ec9c894e3
Size

5.5MB
MD5

05b51864ffdb2e41d09110c02e149d9c
SHA1

b47d2cf448ca0aa7c3f9df4ca2360bd22bc64e8e
SHA256

549f35ae04b2340ae545ebcb80b06e2c2acdfb8779c740e82bb64a9ec9c894e3
SHA512

db53e72be807252d5ee196d4de060322b79740c6403fd1e22e4a923b84d7aa98455bd6ea8bf43aeb02db9a25bea34f92a76e3368f804cf812681711ae3e65dc1
SSDEEP

98304:qJcdYMkS3td8utqAkGPf/jrVPlN4kZGoIduV49aafGjf5CrL7FbNn5K+amxpTV:qJgYlEWu4AprVdNsdvHfp3v5Klqpx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
549f35ae04b2340ae545ebcb80b06e2c2acdfb8779c740e82bb64a9ec9c894e3

Files

549f35ae04b2340ae545ebcb80b06e2c2acdfb8779c740e82bb64a9ec9c894e3
.exe windows x86

19508fcd9e8dec432a78eec6bb7ffdca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutRestart

ws2_32

recvfrom

rasapi32

RasGetConnectStatusA

kernel32

SetFilePointer

user32

wsprintfA

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CoGetClassObject

oleaut32

VariantInit

comctl32

ord17

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 4.4MB - Virtual size: 10.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1024KB - Virtual size: 1024KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19508fcd9e8dec432a78eec6bb7ffdca

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wininet

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 4.4MB - Virtual size: 10.2MB

.sedata Size: 1024KB - Virtual size: 1024KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 72KB - Virtual size: 72KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 4.4MB - Virtual size: 10.2MB

.sedata
Size: 1024KB - Virtual size: 1024KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 72KB - Virtual size: 72KB

.sedata
Size: 4KB - Virtual size: 4KB