ced873db6ab30a60f8d2b4f77d8818eb064bd90b433402e6a78c318f3ea3c124

Sharing

Copy URL Twitter E-mail

General

Target

ced873db6ab30a60f8d2b4f77d8818eb064bd90b433402e6a78c318f3ea3c124
Size

12.6MB
MD5

2bca8796dfba0b417ad501aeaf5e692f
SHA1

cbf75ae8d35dd9086dac35a7fda58dbd3fa0f422
SHA256

ced873db6ab30a60f8d2b4f77d8818eb064bd90b433402e6a78c318f3ea3c124
SHA512

fce122701bf733e39bdd811554a23c2327f889ea1c2fa6854a6637af918bf7a7a7365bc1af76a254e41b4164a38ccb1590ca739a32f9348652696d7d6cdae238
SSDEEP

393216:l7qoVKOnxzn57MzHoshPNJ+SSiCFk/FBpVTzx+mN8SF:txVKUxzn5mHoshVJHSiAk/7ptx+2F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ced873db6ab30a60f8d2b4f77d8818eb064bd90b433402e6a78c318f3ea3c124

Files

ced873db6ab30a60f8d2b4f77d8818eb064bd90b433402e6a78c318f3ea3c124
.exe windows:4 windows x86

d7069a41c7b624e5a65b85586f93a439

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamClose

ws2_32

ntohl

kernel32

SetLastError

user32

ScrollWindowEx

gdi32

CombineRgn

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetLBound

comctl32

ImageList_GetIcon

Sections

.text
Size: - Virtual size: 791KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 3.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 396KB - Virtual size: 393KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d7069a41c7b624e5a65b85586f93a439

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: - Virtual size: 791KB

.rdata Size: - Virtual size: 453KB

.data Size: - Virtual size: 369KB

.rsrc Size: 32KB - Virtual size: 30KB

.svmp1 Size: - Virtual size: 3.6MB

.svmp2 Size: 3.7MB - Virtual size: 3.7MB

.svmp3 Size: 2.6MB - Virtual size: 2.6MB

.svmp4 Size: 5.8MB - Virtual size: 5.8MB

.svmp5 Size: 12KB - Virtual size: 11KB

.svmp6 Size: 396KB - Virtual size: 393KB

.text
Size: - Virtual size: 791KB

.rdata
Size: - Virtual size: 453KB

.data
Size: - Virtual size: 369KB

.rsrc
Size: 32KB - Virtual size: 30KB

.svmp1
Size: - Virtual size: 3.6MB

.svmp2
Size: 3.7MB - Virtual size: 3.7MB

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

.svmp5
Size: 12KB - Virtual size: 11KB

.svmp6
Size: 396KB - Virtual size: 393KB