fde3b068c21a4494a5fa2ecfe1e66fd640a48e0b65f619823d6b3daee8da6542

Sharing

Copy URL Twitter E-mail

General

Target

fde3b068c21a4494a5fa2ecfe1e66fd640a48e0b65f619823d6b3daee8da6542
Size

14.0MB
MD5

cfe9df00ca0165ce89a315f938c4ab6d
SHA1

468f08a63e53563ab6ff7b33e8fa4d825a718bd9
SHA256

fde3b068c21a4494a5fa2ecfe1e66fd640a48e0b65f619823d6b3daee8da6542
SHA512

fa8b25d052cee1bb202a279676a3840c5cfaa6c7a518fa3d3bdde4f806961ccb7fe182c7244aeb94a07500dbdb967660abbc970d63bc930aa85f0bfb0203ddcb
SSDEEP

393216:LIsbWPVhxD6oiZan57MALJF73foHAQsnFu:bW9HW7an5j33KgF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fde3b068c21a4494a5fa2ecfe1e66fd640a48e0b65f619823d6b3daee8da6542

Files

fde3b068c21a4494a5fa2ecfe1e66fd640a48e0b65f619823d6b3daee8da6542
.exe windows x86

1e8e307e33907a46266be63197d69c80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

iphlpapi

GetAdaptersInfo

winmm

midiStreamClose

ws2_32

ntohl

kernel32

QueryPerformanceCounter

user32

CheckMenuItem

gdi32

Chord

msimg32

GradientFill

winspool.drv

OpenPrinterA

comdlg32

ChooseColorA

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

SafeArrayAccessData

comctl32

ord17

Sections

.text
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 492KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 3.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 404KB - Virtual size: 401KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e8e307e33907a46266be63197d69c80

Headers

File Characteristics

Imports

msvfw32

avifil32

iphlpapi

winmm

ws2_32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: - Virtual size: 2.2MB

.rdata Size: - Virtual size: 2.3MB

.data Size: - Virtual size: 492KB

.rsrc Size: 36KB - Virtual size: 35KB

.svmp1 Size: - Virtual size: 3.8MB

.svmp2 Size: 5.8MB - Virtual size: 5.8MB

.svmp3 Size: 2.5MB - Virtual size: 2.5MB

.svmp4 Size: 5.2MB - Virtual size: 5.2MB

.svmp5 Size: 12KB - Virtual size: 10KB

.svmp6 Size: 404KB - Virtual size: 401KB

.text
Size: - Virtual size: 2.2MB

.rdata
Size: - Virtual size: 2.3MB

.data
Size: - Virtual size: 492KB

.rsrc
Size: 36KB - Virtual size: 35KB

.svmp1
Size: - Virtual size: 3.8MB

.svmp2
Size: 5.8MB - Virtual size: 5.8MB

.svmp3
Size: 2.5MB - Virtual size: 2.5MB

.svmp4
Size: 5.2MB - Virtual size: 5.2MB

.svmp5
Size: 12KB - Virtual size: 10KB

.svmp6
Size: 404KB - Virtual size: 401KB