fc7c860042f2e8814da5fdf3ac38bbc1fd10642612a3c1da9c388c5499c0bc66

Sharing

Copy URL Twitter E-mail

General

Target

fc7c860042f2e8814da5fdf3ac38bbc1fd10642612a3c1da9c388c5499c0bc66
Size

14.1MB
MD5

8a951d69f97a847d8e21366297a173c7
SHA1

6eced1b75bbf68d23c84d063c965ce4a15510254
SHA256

fc7c860042f2e8814da5fdf3ac38bbc1fd10642612a3c1da9c388c5499c0bc66
SHA512

bd733c72bb08b415195a575abe4addf7b0eeca186f24dc81b2069e77dc6655cc9f4bf32091a2b58fa2443c0d1715436bac51f1255731fe642ab7f10578ee9ce8
SSDEEP

196608:iiJSHeH2XMMlGsWb+RINbwa+krMnWAKpdqC7MRPOZKE9iK5k0M1SgeMmTLort5F:/SY+ksJWN1rPn57MEUKsMgez8ruliS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc7c860042f2e8814da5fdf3ac38bbc1fd10642612a3c1da9c388c5499c0bc66

Files

fc7c860042f2e8814da5fdf3ac38bbc1fd10642612a3c1da9c388c5499c0bc66
.exe windows:4 windows x86

2f4545fc5a7a8bb1f3be57065abc8f88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSubMenu
FindWindowExA

kernel32

TlsGetValue
IsBadCodePtr

ole32

CoFreeUnusedLibraries

advapi32

CryptAcquireContextA
RegCreateKeyExA

crypt32

CryptStringToBinaryA

oleacc

ObjectFromLresult

gdi32

TextOutA
StartPage

winspool.drv

DocumentPropertiesA
OpenPrinterA

comctl32

ord17
ImageList_Duplicate

oledlg

ord8

oleaut32

VariantClear
VarDateFromStr

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

rasapi32

RasHangUpA

winmm

waveOutGetNumDevs

ws2_32

WSAStartup

comdlg32

GetOpenFileNameA

shell32

Shell_NotifyIconA

wininet

InternetConnectA

Sections

.text
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 713KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 4.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f4545fc5a7a8bb1f3be57065abc8f88

Headers

File Characteristics

Imports

user32

kernel32

ole32

advapi32

crypt32

oleacc

gdi32

winspool.drv

comctl32

oledlg

oleaut32

msvfw32

avifil32

rasapi32

winmm

ws2_32

comdlg32

shell32

wininet

Sections

.text Size: - Virtual size: 1.7MB

.rdata Size: - Virtual size: 1.3MB

.data Size: - Virtual size: 713KB

.rsrc Size: 36KB - Virtual size: 33KB

.svmp1 Size: - Virtual size: 4.2MB

.svmp2 Size: 5.1MB - Virtual size: 5.1MB

.svmp3 Size: 2.6MB - Virtual size: 2.6MB

.svmp4 Size: 6.0MB - Virtual size: 6.0MB

.svmp5 Size: 16KB - Virtual size: 12KB

.svmp6 Size: 420KB - Virtual size: 419KB

.text
Size: - Virtual size: 1.7MB

.rdata
Size: - Virtual size: 1.3MB

.data
Size: - Virtual size: 713KB

.rsrc
Size: 36KB - Virtual size: 33KB

.svmp1
Size: - Virtual size: 4.2MB

.svmp2
Size: 5.1MB - Virtual size: 5.1MB

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

.svmp4
Size: 6.0MB - Virtual size: 6.0MB

.svmp5
Size: 16KB - Virtual size: 12KB

.svmp6
Size: 420KB - Virtual size: 419KB