cb8af4d0423b408d18e24305d02f6277800b962ba20d625c022fefee8a585b26

Sharing

Copy URL Twitter E-mail

General

Target

cb8af4d0423b408d18e24305d02f6277800b962ba20d625c022fefee8a585b26
Size

12.6MB
MD5

72164f670c177827d625326c3e87192f
SHA1

67c29bcb78567aa81813bfef7ff38298aee19489
SHA256

cb8af4d0423b408d18e24305d02f6277800b962ba20d625c022fefee8a585b26
SHA512

cfae2764c335e44d59fd28e9c49704dcc86de97553d98e8ada24eba0e64b714fb1b8eb62be949cc0093c18c355d8b4e3f310515e0843ab0d5cf149ffbd0e2322
SSDEEP

393216:zRcK7oH5ATQzw4R4Si/nNlczBJZO++xeN8peH:noHM4+N/n4lj+xCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb8af4d0423b408d18e24305d02f6277800b962ba20d625c022fefee8a585b26

Files

cb8af4d0423b408d18e24305d02f6277800b962ba20d625c022fefee8a585b26
.dll windows x86

62a67517e35d8ea6c17c6db2d64ced26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageA
WindowFromPoint

kernel32

GetStartupInfoA
SetEnvironmentVariableA

gdi32

SelectObject
PtVisible

gdiplus

GdipCreateFromHDC

ole32

CLSIDFromString

imm32

ImmAssociateContext

shell32

ShellExecuteA
SHGetSpecialFolderPathA

shlwapi

PathFileExistsA

winmm

PlaySoundA
midiStreamOut

ws2_32

WSACleanup

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

oleaut32

LoadTypeLi

comctl32

ImageList_Destroy

comdlg32

GetSaveFileNameA

Exports

Exports

ID0
ȡָ��ı�_

Sections

.text
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 537KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 10.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 11.7MB - Virtual size: 11.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 948KB - Virtual size: 947KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 4KB - Virtual size: 93B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62a67517e35d8ea6c17c6db2d64ced26

Headers

File Characteristics

Imports

user32

kernel32

gdi32

gdiplus

ole32

imm32

shell32

shlwapi

winmm

ws2_32

winspool.drv

advapi32

oleaut32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 3.4MB

.rdata Size: - Virtual size: 2.8MB

.data Size: - Virtual size: 537KB

.rsrc Size: 24KB - Virtual size: 21KB

.svmp1 Size: - Virtual size: 10.1MB

.svmp2 Size: 11.7MB - Virtual size: 11.7MB

.svmp3 Size: 948KB - Virtual size: 947KB

.svmp4 Size: 4KB - Virtual size: 93B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 3.4MB

.rdata
Size: - Virtual size: 2.8MB

.data
Size: - Virtual size: 537KB

.rsrc
Size: 24KB - Virtual size: 21KB

.svmp1
Size: - Virtual size: 10.1MB

.svmp2
Size: 11.7MB - Virtual size: 11.7MB

.svmp3
Size: 948KB - Virtual size: 947KB

.svmp4
Size: 4KB - Virtual size: 93B

.reloc
Size: 8KB - Virtual size: 5KB