8c99122dc83ff3a3285fee7c72099c385d95e7d68c1c625ef1d20832f6952d15

Sharing

Copy URL Twitter E-mail

General

Target

8c99122dc83ff3a3285fee7c72099c385d95e7d68c1c625ef1d20832f6952d15
Size

14.0MB
MD5

081e2a2f9b35a3d1dbb675104470e177
SHA1

5718682518069a9b73b3746ea5e466d098e26810
SHA256

8c99122dc83ff3a3285fee7c72099c385d95e7d68c1c625ef1d20832f6952d15
SHA512

3b33707b2787354e637b2384c5dc00af07d37c156851ac76e1c1d4070239733c1b94ac00498ebbf26123e32800b849a0e1df311d4eab919ecbed558450fcc657
SSDEEP

393216:gQykitJgyi7tTM0n3kZx1rUb9RsUg+6saDT:gQwt2ZM03okpaUgeCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c99122dc83ff3a3285fee7c72099c385d95e7d68c1c625ef1d20832f6952d15

Files

8c99122dc83ff3a3285fee7c72099c385d95e7d68c1c625ef1d20832f6952d15
.exe windows:5 windows x86

7fc43092095a7f179f2f8eafdbe06d8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

iphlpapi

GetAdaptersInfo

winmm

midiStreamRestart

ws2_32

send

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

FindWindowExA
CharUpperBuffW

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance

oleaut32

SafeArrayAccessData

comctl32

ImageList_Destroy

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Exports

Exports

^��R/�~��R�#l�/��V(�ɼz�}��n��p%� ��V�Dd�6��S r��5�'[�G67d��pY>Jk �V��"ΘΟtt�z��Ra!�1��bݤ�{�E�}� �e��qMP�׌/��-`��5�ƿ��BB��1/��9tA�)�2ޒ��<��b�)� ��kX��y*d�̊��8�U�d(q,=sr�W��fZ�D��h<�?g��oMX��$�uv`��ǺÂ��+�� r��K�L��a@�̝�gS�D��{��G�S: J��;ߙ��,O��>�C �}[`kfΘV��M��~��N�C&(o�:<x��@F�j��W�51��CKh��8Ep�n�(��h[��s+U��Z��W�~?��J�!X�\L�\?��Hd�,�TI��vD`�\��r��h _�=�&�(y&��pFܹ��T�$�88՘l ��Z1O��M��ŏ�� o!;}�u��N��m�n4��?u�j ��<��+Z��Y~_~��X-ח�C�A��+��C�S�^�nVnrG)��,��:k˔d^;��-�Xΰ�Ln��*�߄ӧ�d$��`�L8Y��%��f� |��F��ۇ�l�L��%j q��De�,.E��fl��ߊ9�֟�DG�BHZ�,l.9�RvM�*�P#��:��U�Ձ��ҢR3�u�ޏ��ք&��Q�ѦA�/�Y&Dؖ�Q�!��()�Ĥ��/��R�sv��}� '��(��r�� u�r"�w=�K��__� ��Ys|�I�� CB�'��9��q,䥥�ځ��+��-�΋ J��A��PX��^,t��Z�s��d�1,��s��-�O\z�[�w�Y��Љ��ڬ�~�,��4|k�a�8��~Us�h�<4��<W��+t��[��R��6M�Xg��Ŕ7�̸p��%�� x�9��)� #��އ�7�d��U2��X�&w�Y%��n^ �ZS.N'��c�9s�Ew {m�N��T��.�5u�&މ0��/̺wA�-:��p*��ϵD��|��q�X*�ա��|Q��w9��U%QX��}�F��,b܉�-��3��gxu��T+%HÝ��V��;<��I|JP�Z��ȟ�CQL��ß|U�E�d��J��S��"I�Oj�{��]��l~��[�ߢ�z�U�l��a-��P��x��Xi��r��ǽ�DtQ.�K�&E��mfǬS�U��"��-��]�;+�V�[`�]CFr�K�ZHc�>.kK�Z"<�-�'��:��\��Zu�(�K��=�:��r��r�GN��d�r DVU��zg!�Y�ᤗ8�b��,��T!��_>3�Y�y6xM_��DFxj�4�%��jo}fs��ƞ��`T6�X�n��}{1��2gM�t��U+4R�M�(&蟒��ĨJ`Rt�DѸB��r#+��r�� PY+�L5��Z�{�E��f}��J�"2��~wV�)Qp߼��(V>�̀wl�g�g�[/E��@Q̰��yAgvɌ��UG��J��NxD�>��2|��G�NS��s�{`�㕻ߏ��|��b�ר'��9E��/�O"'}s�m��v&ChO�� T�q�7�H8�p�F�Nt��L��ݢM��Q�b��Y�Gg��ۃ�h)P�Q웃�[��a�'��ͪ.0Ơ�U�#)��3`Z��` u{El�ڻ��/��)��4K�,��is�X��o4��`�E�vE��S416UN�f��ξ��"�u9�8�0I��m�l�9L��T�F��I�[��*r�]��%%8|J�2��wV�vDTT��n�~�㰐iA2<�x��R౐��g�I$g�r�zLg��ui�B B��M��_��#�'{�y��O��k��N�p�{I��+�qu ��Wv�6Á�0�y�s?��<�J醲��9��ڳʧٙ�)��aȁ��4Q5TًA��u|XeKiw?�ʊ?�X�JĤW��ְtP�sC�O<��\��y��R�y��1��4y)8��o&z/��7�"0,�x� 1��v!X��4�qq7cHs�=��v�!2c�+~)��|3I!��`�Q�7M��L��n.�n9��0��mQ2��+�y\�(��I�ߥ�a�(�%��rXZ�(n d�l6��~��/$��l�I?a^��]+�^¢ ^f��84M��ukc�}F5u -J��[�0��F�P�,xA��q�Ƿ��oM3�9]7��;��{�1��^2m��gM�2�]�3��M�$�:�#'��İm�g�x�S��Y�]0��nA8��x"��eB�d��h Q��}ꍟ��Y�% ?Yg��p��&��G��5�l��1 ��=)��{K��T\�5_;��W��>O��K��0:��k��UJ��P�Se4��_ɣ��T9��쁝��(�ȻHNH5D�[��e��P��nV�6�O%�zvt��=��,�R=�x�on93�g�� E�0Y�PD˞�P��F�� ʋ��q S6��qfl��Y҄�a�K:�zj}��n�(:�"ʤw ��M��2��V4��M�J\;�}�O_�4�,Q�m�X��ud��i�Y�Dh%��F}u��zݥwIeW��w��J��cT��<�h'��-U|Mc��AJ�xN��;��R>��=.��/��L��c�Һ ��f^"p�6}S1�^ _ޅ�j*}��x�l&׿?D��z�-�nr��1��԰f�j��' ��{��k 0��.ƅ�@ҁ0�U�Η��M�a�E��V"�tN��_�W}J�Qc� Q��r��;��(�H-�~�#[6�%��j߰�p�*ZdP��T�\�T��[��jk�#I��Ҟb�E@�OxG|'��0�P�

Sections

.text
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.?4/
Size: - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.]D(
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.]B_
Size: 14.0MB - Virtual size: 14.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fc43092095a7f179f2f8eafdbe06d8b

Headers

File Characteristics

Imports

rasapi32

iphlpapi

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 1.5MB

.rdata Size: - Virtual size: 4.9MB

.data Size: - Virtual size: 1.2MB

.?4/ Size: - Virtual size: 8.5MB

.]D( Size: 4KB - Virtual size: 2KB

.]B_ Size: 14.0MB - Virtual size: 14.0MB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: - Virtual size: 1.5MB

.rdata
Size: - Virtual size: 4.9MB

.data
Size: - Virtual size: 1.2MB

.?4/
Size: - Virtual size: 8.5MB

.]D(
Size: 4KB - Virtual size: 2KB

.]B_
Size: 14.0MB - Virtual size: 14.0MB

.rsrc
Size: 72KB - Virtual size: 68KB