89b199998e00fde1aadb4e18eb6a03798654ab0660538e73030c49e68c65be45

Sharing

Copy URL Twitter E-mail

General

Target

89b199998e00fde1aadb4e18eb6a03798654ab0660538e73030c49e68c65be45
Size

1.7MB
MD5

3246572c82423ee272da76e5b8427c20
SHA1

ed75f7c8cc5637bfc7cd4fb8d0b6f9d0158ddc12
SHA256

89b199998e00fde1aadb4e18eb6a03798654ab0660538e73030c49e68c65be45
SHA512

da7442a00811bcda4ddfd71d3ad15c9a7f2c771d2623b7e88acc550e4b4be9e7de198251b597be82948e063672e14c563c957f2207e959bea8afe7f2f29280eb
SSDEEP

49152:FmstXIlrNXL9EXD3QNzxO54njOXzzs3g5MW:FBZIPXL9wWzxO1j43FW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89b199998e00fde1aadb4e18eb6a03798654ab0660538e73030c49e68c65be45

Files

89b199998e00fde1aadb4e18eb6a03798654ab0660538e73030c49e68c65be45
.dll windows x86

9a863ac99effa26896023905ac549df3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedIncrement

user32

GetClipboardData

gdi32

GetSystemPaletteEntries

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

LHashValOfNameSys

comctl32

ImageList_Destroy

ws2_32

WSAAsyncSelect

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

OCR
ocrinit

Sections

.text
Size: 668KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a863ac99effa26896023905ac549df3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 668KB - Virtual size: 1.7MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 668KB - Virtual size: 1.7MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB