324b51afa21d6d0efb8545c63574f9bcfec190ddc185fade001d58943d6780f2

Sharing

Copy URL Twitter E-mail

General

Target

324b51afa21d6d0efb8545c63574f9bcfec190ddc185fade001d58943d6780f2
Size

13.4MB
MD5

11a4f59f664438212f338d148a1acb92
SHA1

3faa279c034718da8e732cacd78c213238753707
SHA256

324b51afa21d6d0efb8545c63574f9bcfec190ddc185fade001d58943d6780f2
SHA512

2eaef8e2b65d4efaae7f155357a381b0e6af814634d48bc1d13833071da7ec5132f06451974e0725ea6d274bc88a3dc4b898ff3e67287178d99d2be5e23c8392
SSDEEP

196608:0+2wym4Oj6h7uDIwgE4aq4nqupdO/n7a7lRwQ/E/Tn/NM6nnIoScK16iHsuKFyq4:01S4Oj6hy4quDahRwbjNbnZkHgFy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
324b51afa21d6d0efb8545c63574f9bcfec190ddc185fade001d58943d6780f2

Files

324b51afa21d6d0efb8545c63574f9bcfec190ddc185fade001d58943d6780f2
.exe windows:4 windows x86

4c778d5c4691527b55b857660b543703

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamClose

ws2_32

WSAGetLastError

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

kernel32

GetVersion

user32

GetSysColorBrush

gdi32

GetPolyFillMode

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

Sections

.text
Size: - Virtual size: 779KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 7.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 7.0MB - Virtual size: 7.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 568KB - Virtual size: 566KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.2MB - Virtual size: 5.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4c778d5c4691527b55b857660b543703

Headers

File Characteristics

Imports

winmm

ws2_32

msvfw32

avifil32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: - Virtual size: 779KB

.rdata Size: - Virtual size: 1.3MB

.data Size: - Virtual size: 308KB

.rsrc Size: 196KB - Virtual size: 193KB

.svmp1 Size: - Virtual size: 7.0MB

.svmp2 Size: 7.0MB - Virtual size: 7.0MB

.svmp3 Size: 568KB - Virtual size: 566KB

.svmp4 Size: 5.2MB - Virtual size: 5.2MB

.svmp5 Size: 12KB - Virtual size: 9KB

.svmp6 Size: 416KB - Virtual size: 415KB

.text
Size: - Virtual size: 779KB

.rdata
Size: - Virtual size: 1.3MB

.data
Size: - Virtual size: 308KB

.rsrc
Size: 196KB - Virtual size: 193KB

.svmp1
Size: - Virtual size: 7.0MB

.svmp2
Size: 7.0MB - Virtual size: 7.0MB

.svmp3
Size: 568KB - Virtual size: 566KB

.svmp4
Size: 5.2MB - Virtual size: 5.2MB

.svmp5
Size: 12KB - Virtual size: 9KB

.svmp6
Size: 416KB - Virtual size: 415KB