9a63741851cd574c6ec5f6bc0b9e300bd94e11e5b0f939e5673d08350c47d4c6

Sharing

Copy URL Twitter E-mail

General

Target

9a63741851cd574c6ec5f6bc0b9e300bd94e11e5b0f939e5673d08350c47d4c6
Size

8.7MB
MD5

b056ea061a50be057469c670f50e459c
SHA1

f6bc136dac056f8efeda3f095a0cd26fb78b4e4b
SHA256

9a63741851cd574c6ec5f6bc0b9e300bd94e11e5b0f939e5673d08350c47d4c6
SHA512

9b9f6a46fb8d95f25c39627b01b8d08b1a7b87eb69aa38d3545b50783543dc7a2e61f9c51dfe0fa017848a2fcbfff155f8d3f8464b8fbc51d903f9adbabd6a32
SSDEEP

196608:7JyFsYK4WPR1drD/KM1L6lSOa/W40TQGPeKbXHYog1JO3fARWvyT:7JAqR1drt64Outl4eKbX4hKAYqT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a63741851cd574c6ec5f6bc0b9e300bd94e11e5b0f939e5673d08350c47d4c6

Files

9a63741851cd574c6ec5f6bc0b9e300bd94e11e5b0f939e5673d08350c47d4c6
.exe windows:4 windows x86

e6679f1c2672f971ca25678fb5d0e505

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutPause

ws2_32

closesocket

version

VerLanguageNameA

rasapi32

RasHangUpA

kernel32

GetWindowsDirectoryA

user32

GetClassNameA

gdi32

ExcludeClipRect

winspool.drv

ClosePrinter

advapi32

RegQueryValueExA

shell32

Shell_NotifyIconA

ole32

OleRun

oleaut32

SafeArrayUnaccessData

comctl32

ImageList_ReplaceIcon

imm32

ImmReleaseContext

wininet

InternetCanonicalizeUrlA

comdlg32

GetSaveFileNameA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

_Scintilla_DirectFunction@16

Sections

.text
Size: 6.0MB - Virtual size: 10.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6679f1c2672f971ca25678fb5d0e505

Headers

File Characteristics

Imports

winmm

ws2_32

version

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

imm32

wininet

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 6.0MB - Virtual size: 10.1MB

.sedata Size: 2.6MB - Virtual size: 2.6MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 20KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 6.0MB - Virtual size: 10.1MB

.sedata
Size: 2.6MB - Virtual size: 2.6MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 20KB

.sedata
Size: 4KB - Virtual size: 4KB