18101c4717f8150eab02f289fa96526be775f545c9bfb36d7eb99fd2621d4579

Sharing

Copy URL Twitter E-mail

General

Target

18101c4717f8150eab02f289fa96526be775f545c9bfb36d7eb99fd2621d4579
Size

14.0MB
MD5

e7d1b79b23cf100f60b223e9b539ccbb
SHA1

8f5ad7c1a688dd117606872c589797da927c1ecc
SHA256

18101c4717f8150eab02f289fa96526be775f545c9bfb36d7eb99fd2621d4579
SHA512

2cff296d8a9c38fcf98a24156cc89b53716ffdd57b2348de5f1aa62431169aa73d878f262b7496b841df938a4b9f4a386e0f4a162944026611d0b2f0da48d1db
SSDEEP

393216:ePYkumU52bbC+tLr+ncUQ1TfCR/3WKEfDXOozpx:eD/bbC+tLr+cUITfC8oo1x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18101c4717f8150eab02f289fa96526be775f545c9bfb36d7eb99fd2621d4579

Files

18101c4717f8150eab02f289fa96526be775f545c9bfb36d7eb99fd2621d4579
.exe windows:4 windows x86

24cff48a067627f0d9722d26d91a37b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetOptionA

comctl32

ImageList_Destroy

oleaut32

VarDateFromStr

ole32

DoDragDrop

shell32

SHFileOperationA

advapi32

RegCloseKey

comdlg32

GetSaveFileNameA

winspool.drv

OpenPrinterA

msimg32

GradientFill

gdi32

SetTextColor

user32

GrayStringA

kernel32

InterlockedExchange

avifil32

AVIStreamGetFrame

msvfw32

DrawDibDraw

rasapi32

RasGetConnectStatusA

ws2_32

WSAStartup

winmm

waveOutClose

Sections

.text
Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 14.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 13.8MB - Virtual size: 13.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24cff48a067627f0d9722d26d91a37b1

Headers

File Characteristics

Imports

wininet

comctl32

oleaut32

ole32

shell32

advapi32

comdlg32

winspool.drv

msimg32

gdi32

user32

kernel32

avifil32

msvfw32

rasapi32

ws2_32

winmm

Sections

.text Size: - Virtual size: 3.3MB

.rdata Size: - Virtual size: 14.8MB

.data Size: - Virtual size: 633KB

.vdata Size: - Virtual size: 236KB

.text Size: - Virtual size: 1.0MB

.data Size: - Virtual size: 43KB

.text Size: 13.8MB - Virtual size: 13.8MB

.data Size: 4KB - Virtual size: 656B

.rsrc Size: 236KB - Virtual size: 232KB

.text
Size: - Virtual size: 3.3MB

.rdata
Size: - Virtual size: 14.8MB

.data
Size: - Virtual size: 633KB

.vdata
Size: - Virtual size: 236KB

.text
Size: - Virtual size: 1.0MB

.data
Size: - Virtual size: 43KB

.text
Size: 13.8MB - Virtual size: 13.8MB

.data
Size: 4KB - Virtual size: 656B

.rsrc
Size: 236KB - Virtual size: 232KB