4ca7ab1155ab1481d42ca95e55d77ce8fa3d752d6fe713212a1b88b379f5c3c6

Sharing

Copy URL

Twitter E-mail

General

Target

4ca7ab1155ab1481d42ca95e55d77ce8fa3d752d6fe713212a1b88b379f5c3c6
Size

15.5MB
MD5

7dffab31844816bd5b2acca5e9d13c55
SHA1

1b3105d564799351b721f1d6c859ab0eb8652070
SHA256

4ca7ab1155ab1481d42ca95e55d77ce8fa3d752d6fe713212a1b88b379f5c3c6
SHA512

133510754c6a110c40f6341bc68d8a683c7900aa8e42d12ad79b9326b05d9b3b15840a5c268fe1d1ae63e5d180b8b36141654cab92e7198376716ad0da4abb2f
SSDEEP

393216:fIlxhncKOM5KX+BxmqIDpPf2/nv28vYopvus8C0yKBS:fI5nXIOxGDpiYodusZRKBS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ca7ab1155ab1481d42ca95e55d77ce8fa3d752d6fe713212a1b88b379f5c3c6

Files

4ca7ab1155ab1481d42ca95e55d77ce8fa3d752d6fe713212a1b88b379f5c3c6
.exe windows:5 windows x86

61fe78e23b5adcf768ebba8f75ea5d3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutRestart

ws2_32

gethostname

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

rasapi32

RasGetConnectStatusA

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetSysColorBrush

gdi32

SelectObject

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

DragAcceptFiles

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetElement

comctl32

ImageList_Add

wininet

InternetConnectA

Sections

.text
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qvmp0
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qvmp1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qvmp2
Size: 15.3MB - Virtual size: 15.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61fe78e23b5adcf768ebba8f75ea5d3c

Headers

File Characteristics

Imports

winmm

ws2_32

msvfw32

avifil32

rasapi32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

.text Size: - Virtual size: 2.5MB

.rdata Size: - Virtual size: 4.1MB

.data Size: - Virtual size: 627KB

.qvmp0 Size: - Virtual size: 7.2MB

.qvmp1 Size: 4KB - Virtual size: 2KB

.qvmp2 Size: 15.3MB - Virtual size: 15.3MB

.rsrc Size: 164KB - Virtual size: 160KB

.text
Size: - Virtual size: 2.5MB

.rdata
Size: - Virtual size: 4.1MB

.data
Size: - Virtual size: 627KB

.qvmp0
Size: - Virtual size: 7.2MB

.qvmp1
Size: 4KB - Virtual size: 2KB

.qvmp2
Size: 15.3MB - Virtual size: 15.3MB

.rsrc
Size: 164KB - Virtual size: 160KB