59aa954ec93a4466e7c8349e3f45b62c6332727980103eeffd1ba00421ff6bd1

Sharing

Copy URL Twitter E-mail

General

Target

59aa954ec93a4466e7c8349e3f45b62c6332727980103eeffd1ba00421ff6bd1
Size

6.9MB
MD5

3b79dbd3ae78a40eb726b8cc9dbd3c61
SHA1

c96cbd90daf3631f7632f6d37995b71fa7b13ba3
SHA256

59aa954ec93a4466e7c8349e3f45b62c6332727980103eeffd1ba00421ff6bd1
SHA512

9fdf9672b090fb362abeb0e0ccc9e2f5bdf6eb0b8c158d36c16a92c17b6feb0b1d992051945ac5fbaf662e2477c4fc2ed4eb982dbd3670f0ab689c812e5c2613
SSDEEP

196608:DiQ+IEr8/ADak4No4J6o6SXnabXoiIJqU/mB2yopz/aFK/YmP/4:DiQE8/Ofup30YiIJLDzOFgH4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59aa954ec93a4466e7c8349e3f45b62c6332727980103eeffd1ba00421ff6bd1

Files

59aa954ec93a4466e7c8349e3f45b62c6332727980103eeffd1ba00421ff6bd1
.exe windows:4 windows x86

a52c176d0fe047a7dcc1649d4b7b70f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

rasapi32

RasHangUpA

kernel32

GetVersion

user32

CreateMenu

gdi32

ScaleWindowExtEx

msimg32

TransparentBlt

winspool.drv

DocumentPropertiesA

advapi32

CryptGetHashParam

shell32

SHGetSpecialFolderPathA

ole32

CoGetClassObject

oleaut32

SysAllocStringByteLen

comctl32

ImageList_GetImageInfo

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 6.2MB - Virtual size: 12.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a52c176d0fe047a7dcc1649d4b7b70f0

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wininet

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 6.2MB - Virtual size: 12.3MB

.vmp Size: 760KB - Virtual size: 760KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 12KB

.vmp Size: 4KB - Virtual size: 4KB

.text
Size: 6.2MB - Virtual size: 12.3MB

.vmp
Size: 760KB - Virtual size: 760KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 12KB

.vmp
Size: 4KB - Virtual size: 4KB