f71d0c557b30ec2385469d945906b86eaa27ca3d26dc42250679b2a2e40a2121

Sharing

Copy URL Twitter E-mail

General

Target

f71d0c557b30ec2385469d945906b86eaa27ca3d26dc42250679b2a2e40a2121
Size

8.9MB
MD5

e4fc6259df5138d626af7f36a0d40012
SHA1

83461369181f2dea6cbd8484ed30cd3c39c77c62
SHA256

f71d0c557b30ec2385469d945906b86eaa27ca3d26dc42250679b2a2e40a2121
SHA512

86194961f61982eda18cb0ab1560657b88aa0d5e5b68617058ad516777a8a8ed6a849a5b9f78d1e9e18e4c9cf504e00b852df7b9162f0b7192cc50270d837d4f
SSDEEP

196608:68AXQR3tsGKyt/+4Ahy+yFJRVjuUQMdKoYo9Tw4v4LOolDYVQ:N5R2GKo3L8MdfYU04vG/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f71d0c557b30ec2385469d945906b86eaa27ca3d26dc42250679b2a2e40a2121

Files

f71d0c557b30ec2385469d945906b86eaa27ca3d26dc42250679b2a2e40a2121
.exe windows:4 windows x86

7b214666739465ad56f475534697dce4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
CloseHandle
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryA
WaitForMultipleObjects
RaiseException

user32

SystemParametersInfoA
SetFocus

gdi32

CreateEllipticRgn
LineTo

winmm

midiStreamClose
waveOutOpen

winspool.drv

DocumentPropertiesA
DocumentPropertiesA

advapi32

RegOpenKeyExA
RegOpenKeyExA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetDim
UnRegisterTypeLi

comctl32

ImageList_Destroy
ImageList_GetIcon

ws2_32

WSAAsyncSelect
inet_ntoa

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 9.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 499KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b214666739465ad56f475534697dce4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: - Virtual size: 3.4MB

.rdata Size: - Virtual size: 9.4MB

.data Size: - Virtual size: 499KB

.text Size: - Virtual size: 256KB

.data Size: - Virtual size: 57KB

Size: 32KB - Virtual size: 30KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: - Virtual size: 3.4MB

.rdata
Size: - Virtual size: 9.4MB

.data
Size: - Virtual size: 499KB

.text
Size: - Virtual size: 256KB

.data
Size: - Virtual size: 57KB

.rsrc
Size: 24KB - Virtual size: 22KB