fe74c380ee245d5f287c36b990e72f2da0303f34c059d09027b298590f762c00

Sharing

Copy URL Twitter E-mail

General

Target

fe74c380ee245d5f287c36b990e72f2da0303f34c059d09027b298590f762c00
Size

12.0MB
MD5

81ed5f960e7e1f6f3ff94ba4a3180d15
SHA1

17b0cfa7bd10eb4052e6a418d61f5930a26a0bd0
SHA256

fe74c380ee245d5f287c36b990e72f2da0303f34c059d09027b298590f762c00
SHA512

09e0ef0226bb51e33cb6805ae6d53609b24ddd64020109d35b328ae145f3084d7c3de1c01f189c23039f541dbfe27e0fec2551f6e5e386edbacf3d904578aea1
SSDEEP

393216:BsqkjDsSzKXWQNHxqYEbnqpurZ5/D4UBF:rkjDsSzeWKHxObqpurZlUC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe74c380ee245d5f287c36b990e72f2da0303f34c059d09027b298590f762c00

Files

fe74c380ee245d5f287c36b990e72f2da0303f34c059d09027b298590f762c00
.dll windows x86

b19b556720e5862e496677c97227af53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetWindowPos
CharUpperBuffW

advapi32

OpenServiceA

shell32

SHAppBarMessage

ole32

CoUninitialize

ws2_32

htons

shlwapi

PathIsDirectoryA

gdi32

CreateCompatibleDC

gdiplus

GdipCreateBitmapFromStream

msvcrt

_stricmp

Exports

Exports

GetClassObject
ȡָ��ı�_

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm0
Size: - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vm1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm2
Size: 12.0MB - Virtual size: 12.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b19b556720e5862e496677c97227af53

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

ws2_32

shlwapi

gdi32

gdiplus

msvcrt

Exports

Exports

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 9KB

.data Size: - Virtual size: 659KB

.vm0 Size: - Virtual size: 8.4MB

.vm1 Size: 4KB - Virtual size: 1KB

.vm2 Size: 12.0MB - Virtual size: 12.0MB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 816B

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 9KB

.data
Size: - Virtual size: 659KB

.vm0
Size: - Virtual size: 8.4MB

.vm1
Size: 4KB - Virtual size: 1KB

.vm2
Size: 12.0MB - Virtual size: 12.0MB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 816B