b52d280b8c381c82f2268ad3539ae32bd1c41de12660fc643f55dce520784080

Sharing

Copy URL

Twitter E-mail

General

Target

b52d280b8c381c82f2268ad3539ae32bd1c41de12660fc643f55dce520784080
Size

12.7MB
MD5

9cee6973be222e87d723f849abb42d7f
SHA1

727e3a251266d69b5cb9ca30cb07ee859d20d6f9
SHA256

b52d280b8c381c82f2268ad3539ae32bd1c41de12660fc643f55dce520784080
SHA512

c10327a3ca9f2910b37c00d266288d4145277a8d0787900e50a5531a1950bd59b19ccf1ec8a409f129fda952723d31cccc4820e8a4dee14f0ac8527a81263512
SSDEEP

196608:eUGADxqGefHVeTe8XYA1hEDOGUvmUWw1iT7IXyzjVeAdc1398g+ywTQYoiQRO:tIB/US8j1hEDOVvvW5QCXVeiK3n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b52d280b8c381c82f2268ad3539ae32bd1c41de12660fc643f55dce520784080

Files

b52d280b8c381c82f2268ad3539ae32bd1c41de12660fc643f55dce520784080
.exe windows x86

ce346161cae6e0606f432fa6710960a5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetModuleHandleA

user32

SetWindowLongA
DestroyWindow

ole32

CoFreeUnusedLibraries

advapi32

RegCreateKeyExA
RegOpenKeyExA

crypt32

CryptBinaryToStringA

oleacc

ObjectFromLresult

gdi32

RestoreDC
LineTo

winspool.drv

DocumentPropertiesA
DocumentPropertiesA

comctl32

ord17
ord17

oledlg

ord8

oleaut32

SafeArrayAccessData
UnRegisterTypeLi

rasapi32

RasHangUpA

winmm

waveOutReset

ws2_32

connect

shell32

Shell_NotifyIconA

wsock32

shutdown

wininet

InternetOpenA

comdlg32

GetSaveFileNameA

secur32

GetUserNameExA

urlmon

URLDownloadToFileW

shlwapi

StrTrimA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: - Virtual size: 12.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ce346161cae6e0606f432fa6710960a5

Headers

File Characteristics

Imports

kernel32

user32

ole32

advapi32

crypt32

oleacc

gdi32

winspool.drv

comctl32

oledlg

oleaut32

rasapi32

winmm

ws2_32

shell32

wsock32

wininet

comdlg32

secur32

urlmon

shlwapi

iphlpapi

Sections

.text Size: - Virtual size: 12.3MB

.mapo Size: 8.9MB - Virtual size: 8.9MB

.rsrc Size: 3.7MB - Virtual size: 3.7MB

.mapo Size: 160KB - Virtual size: 160KB

.mapo2 Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 12.3MB

.mapo
Size: 8.9MB - Virtual size: 8.9MB

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

.mapo
Size: 160KB - Virtual size: 160KB

.mapo2
Size: 4KB - Virtual size: 4KB