d673d3ead953f78eb7f2631165218728be08f856efc219b8a7a867d688e55974

Sharing

Copy URL Twitter E-mail

General

Target

d673d3ead953f78eb7f2631165218728be08f856efc219b8a7a867d688e55974
Size

9.7MB
MD5

51f8311403eda1c748f5ccee5c724292
SHA1

b1ddb9fe139c5f51abb8384c3e075f93f0dba40c
SHA256

d673d3ead953f78eb7f2631165218728be08f856efc219b8a7a867d688e55974
SHA512

ed19f8f4ed883a5af1b0999460c0b9837f386d50230587a4badeb7751e59901cd02b3696568efcede974579b53b44624734811e53c072ecfcb10c39f6507b489
SSDEEP

196608:u5q+CDOGBUObqd9Tz4EX6WiKIuSUYFVKD5Xt+fwTDrXTEvC3H+uWi:GCDOGKaqf4EX6BU8VKD5Xt+icC3eti

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d673d3ead953f78eb7f2631165218728be08f856efc219b8a7a867d688e55974

Files

d673d3ead953f78eb7f2631165218728be08f856efc219b8a7a867d688e55974
.exe windows:5 windows x86

9681d10f5b9b019156777687ba64ae95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetSystemMenu
CharUpperBuffW

gdi32

LineTo

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

DragFinish

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Add

comdlg32

ChooseColorA

Sections

SM
Size: - Virtual size: 746KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SM
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

SM
Size: - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SM
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SM
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SM
Size: 7.5MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SM
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

SM
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SM
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SM
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SM
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9681d10f5b9b019156777687ba64ae95

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

SM Size: - Virtual size: 746KB

SM Size: - Virtual size: 2.7MB

SM Size: - Virtual size: 238KB

SM Size: - Virtual size: 3.8MB

SM Size: 4KB - Virtual size: 2KB

SM Size: 7.5MB - Virtual size: 7.5MB

SM Size: 12KB - Virtual size: 11KB

SM Size: 1.7MB - Virtual size: 1.7MB

SM Size: 4KB - Virtual size: 4KB

SM Size: 548KB - Virtual size: 547KB

SM Size: 12KB - Virtual size: 11KB

SM
Size: - Virtual size: 746KB

SM
Size: - Virtual size: 2.7MB

SM
Size: - Virtual size: 238KB

SM
Size: - Virtual size: 3.8MB

SM
Size: 4KB - Virtual size: 2KB

SM
Size: 7.5MB - Virtual size: 7.5MB

SM
Size: 12KB - Virtual size: 11KB

SM
Size: 1.7MB - Virtual size: 1.7MB

SM
Size: 4KB - Virtual size: 4KB

SM
Size: 548KB - Virtual size: 547KB

SM
Size: 12KB - Virtual size: 11KB