fae41954b02b5d0b2cc2315e1eff87e6eba83af092fae683e0daea66e913b5e6

Sharing

Copy URL Twitter E-mail

General

Target

fae41954b02b5d0b2cc2315e1eff87e6eba83af092fae683e0daea66e913b5e6
Size

11.4MB
MD5

96a46934bc147d8a01ca99cde6bab976
SHA1

0f818e9cc9be4465571a041fa5b24b155e70bf52
SHA256

fae41954b02b5d0b2cc2315e1eff87e6eba83af092fae683e0daea66e913b5e6
SHA512

5a12dabfb1241617a36ac3f52143cbe73e399abd0370bd0f67a15566fd693790f77e50cb68d424da477bed8dbb788434d1b47f245d7260badd8fbb502de6d320
SSDEEP

196608:5qoXyuCVIfRHBqnG9RZstXO1oWRZKub5hOXh4/WLWPCjgIsA/eh9+1n463xdYtV1:5RDCIR7RSMFhlhO64hFsA/eh9qn4k4m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fae41954b02b5d0b2cc2315e1eff87e6eba83af092fae683e0daea66e913b5e6

Files

fae41954b02b5d0b2cc2315e1eff87e6eba83af092fae683e0daea66e913b5e6
.exe windows:4 windows x86

340d60eef4700303fb18ffd0bd65ed20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
GetACP

user32

ModifyMenuA
EmptyClipboard

advapi32

RegSetValueExA
RegOpenKeyExA

gdi32

SetViewportOrgEx
LineTo

winspool.drv

DocumentPropertiesA
ClosePrinter

comctl32

ord17
ord17

shlwapi

PathFileExistsA

winmm

midiStreamStop

ws2_32

socket

shell32

SHGetSpecialFolderPathA

ole32

OleUninitialize

oleaut32

UnRegisterTypeLi

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 3.4MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

340d60eef4700303fb18ffd0bd65ed20

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

winspool.drv

comctl32

shlwapi

winmm

ws2_32

shell32

ole32

oleaut32

comdlg32

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 2.4MB

.data Size: - Virtual size: 441KB

.rsrc Size: 24KB - Virtual size: 22KB

.svmp1 Size: - Virtual size: 3.4MB

.svmp2 Size: 4.5MB - Virtual size: 4.5MB

.svmp3 Size: 1.5MB - Virtual size: 1.5MB

.svmp4 Size: 5.0MB - Virtual size: 5.0MB

.svmp5 Size: 12KB - Virtual size: 10KB

.svmp6 Size: 416KB - Virtual size: 415KB

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 2.4MB

.data
Size: - Virtual size: 441KB

.rsrc
Size: 24KB - Virtual size: 22KB

.svmp1
Size: - Virtual size: 3.4MB

.svmp2
Size: 4.5MB - Virtual size: 4.5MB

.svmp3
Size: 1.5MB - Virtual size: 1.5MB

.svmp4
Size: 5.0MB - Virtual size: 5.0MB

.svmp5
Size: 12KB - Virtual size: 10KB

.svmp6
Size: 416KB - Virtual size: 415KB