ad6d061c2c71dcbe0a47f24e9cdf4f9190f68efcf64c63c45c9f9fb81f452485

Sharing

Copy URL Twitter E-mail

General

Target

ad6d061c2c71dcbe0a47f24e9cdf4f9190f68efcf64c63c45c9f9fb81f452485
Size

12.6MB
MD5

90be135a28682be5fe1feac7dddd3fee
SHA1

f3c53e955a9f6d215abaa2908cafc63974df6266
SHA256

ad6d061c2c71dcbe0a47f24e9cdf4f9190f68efcf64c63c45c9f9fb81f452485
SHA512

9ba5b1bea7385f3e26c351f419e427379a3ee3063bbb15ed45e41641ab90235fdcf9addc541cadf21911981885bb8093ef8c09b302af731eede23d1acf736013
SSDEEP

196608:8KJS221deitFu0G9JbyTosHvYPuVF7sY0iJACCE//PVPiNgr6M:8+2rtt8bwTowvYIpZJjnPd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad6d061c2c71dcbe0a47f24e9cdf4f9190f68efcf64c63c45c9f9fb81f452485

Files

ad6d061c2c71dcbe0a47f24e9cdf4f9190f68efcf64c63c45c9f9fb81f452485
.exe windows x86

de819af71fa2ce946812795226a9b9db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
FlushFileBuffers
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

DialogBoxIndirectParamA

gdi32

GetWindowExtEx

msimg32

AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA

advapi32

SetEntriesInAclA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionA

oledlg

ord8

ole32

CoTaskMemAlloc

oleaut32

SysAllocString

gdiplus

GdipImageSelectActiveFrame

ws2_32

WSAWaitForMultipleEvents

wininet

InternetWriteFile

winmm

mciSendStringA

ntdll

_itoa

winhttp

WinHttpCrackUrl

Sections

.text
Size: - Virtual size: 821KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data30
Size: - Virtual size: 12.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data31
Size: 12.6MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de819af71fa2ce946812795226a9b9db

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

ws2_32

wininet

winmm

ntdll

winhttp

Sections

.text Size: - Virtual size: 821KB

.rdata Size: - Virtual size: 159KB

.data Size: - Virtual size: 224KB

.data30 Size: - Virtual size: 12.0MB

.data31 Size: 12.6MB - Virtual size: 12.6MB

.reloc Size: 512B - Virtual size: 316B

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: - Virtual size: 821KB

.rdata
Size: - Virtual size: 159KB

.data
Size: - Virtual size: 224KB

.data30
Size: - Virtual size: 12.0MB

.data31
Size: 12.6MB - Virtual size: 12.6MB

.reloc
Size: 512B - Virtual size: 316B

.rsrc
Size: 69KB - Virtual size: 68KB