861b7ae920d9c3c62d9433c987f5368b742f867bcfbef1cba9ef7d36c2d8071f

Sharing

Copy URL Twitter E-mail

General

Target

861b7ae920d9c3c62d9433c987f5368b742f867bcfbef1cba9ef7d36c2d8071f
Size

11.6MB
MD5

7aeef965775316bff9d7fb073ad08887
SHA1

f7d057bba739174f8b017c61ee8a83921b786300
SHA256

861b7ae920d9c3c62d9433c987f5368b742f867bcfbef1cba9ef7d36c2d8071f
SHA512

952e63c6965ee6cfe24b59223c0f7886f83af548cecc1f5974fb1cef75b246051b82b738346fbe6f4d9b779cbb3d747f3209ee89b4c9ec075b58f735ca262397
SSDEEP

196608:DREGlG9UYPzr0gOCnbokwBMoSBhHhqkYOWTSG3xwMAGulnIcCkEpU8Be1Fq/eO8N:D/leUYrr0gtnbokZxhQ5TSexLAGuhXCU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
861b7ae920d9c3c62d9433c987f5368b742f867bcfbef1cba9ef7d36c2d8071f

Files

861b7ae920d9c3c62d9433c987f5368b742f867bcfbef1cba9ef7d36c2d8071f
.exe windows x86

a368270ad414024db175e43a9f34a56f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
GetVersionExA
GetVersion
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

TranslateMessage
GetClassInfoA
CharUpperBuffW

advapi32

CreateServiceA
RegCloseKey

shlwapi

PathFileExistsA

gdi32

GetViewportExtEx

winmm

midiStreamRestart

winspool.drv

ClosePrinter

shell32

Shell_NotifyIconA

ole32

OleFlushClipboard

oleaut32

SysAllocString

comctl32

ImageList_GetImageCount

ws2_32

WSAAsyncSelect

comdlg32

ChooseFontA

Sections

.text
Size: - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.490
Size: - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.491
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.492
Size: 11.6MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a368270ad414024db175e43a9f34a56f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

gdi32

winmm

winspool.drv

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: - Virtual size: 5.4MB

.rdata Size: - Virtual size: 1.5MB

.data Size: - Virtual size: 555KB

.490 Size: - Virtual size: 8.0MB

.491 Size: 4KB - Virtual size: 3KB

.492 Size: 11.6MB - Virtual size: 11.5MB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: - Virtual size: 5.4MB

.rdata
Size: - Virtual size: 1.5MB

.data
Size: - Virtual size: 555KB

.490
Size: - Virtual size: 8.0MB

.491
Size: 4KB - Virtual size: 3KB

.492
Size: 11.6MB - Virtual size: 11.5MB

.rsrc
Size: 72KB - Virtual size: 68KB