f765fe8de690f27cf16831d3390d7aa48bdcd01515e7794ef9206ba68190ad7c

Sharing

Copy URL Twitter E-mail

General

Target

f765fe8de690f27cf16831d3390d7aa48bdcd01515e7794ef9206ba68190ad7c
Size

2.2MB
MD5

cd7e21817833fc088a0867361703b246
SHA1

080588cf650f00c5a7854cd19053a23962d3198d
SHA256

f765fe8de690f27cf16831d3390d7aa48bdcd01515e7794ef9206ba68190ad7c
SHA512

c5bf1179841e463530e7b4c5a17d0843eca86ea11228cff0592ecc4d5501eb25c1ab4c85e2e26548f2a5ecfe359eff97781bcdd0967e8dad8f32eae3a7c3c2c5
SSDEEP

49152:30RkTsUdah8BFcgtHUtajppcg54LKU6ob25hKIE6t8:3PTX0hngtHWAzcG5hKIE/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f765fe8de690f27cf16831d3390d7aa48bdcd01515e7794ef9206ba68190ad7c

Files

f765fe8de690f27cf16831d3390d7aa48bdcd01515e7794ef9206ba68190ad7c
.exe windows:4 windows x86

25680fe876ff256c74bef6a6e32243d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord1

kernel32

GetCurrentProcess

user32

SendMessageA

gdi32

BitBlt

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CoUninitialize

d3d9

Direct3DCreate9

d3dx9_43

D3DXMatrixPerspectiveFovLH

winmm

timeKillEvent

msimg32

TransparentBlt

iphlpapi

GetAdaptersInfo

wininet

InternetReadFile

wsock32

accept

imm32

ImmGetContext

msvcrt

strncpy

psapi

GetMappedFileNameW

Exports

Exports

SetExtChangeZip
UnZipData
UnZipDataToDirectory
UnZipDataToFile
UnZipFile
ZipData
ZipFile
_CloseD3d@0
_InitD3D@4
_smPlayD3D@24

Sections

.text
Size: 1.2MB - Virtual size: 73.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 992KB - Virtual size: 992KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25680fe876ff256c74bef6a6e32243d6

Headers

File Characteristics

Imports

dsound

kernel32

user32

gdi32

advapi32

shell32

ole32

d3d9

d3dx9_43

winmm

msimg32

iphlpapi

wininet

wsock32

imm32

msvcrt

psapi

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 73.5MB

.sedata Size: 992KB - Virtual size: 992KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 20KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 73.5MB

.sedata
Size: 992KB - Virtual size: 992KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 20KB

.sedata
Size: 4KB - Virtual size: 4KB