c383eec87f25fe8dd5c9fc4246fb64d2ca2cbe57ee1d6f113226d3cb15babe04

Sharing

Copy URL Twitter E-mail

General

Target

c383eec87f25fe8dd5c9fc4246fb64d2ca2cbe57ee1d6f113226d3cb15babe04
Size

15.3MB
MD5

746b940cb8b161058a88a9c8c3c08829
SHA1

575f121bc861b4c7359841cf89b0926d5b87b96d
SHA256

c383eec87f25fe8dd5c9fc4246fb64d2ca2cbe57ee1d6f113226d3cb15babe04
SHA512

f55fc542ef445d909b1f0bea904d4f6d59e11f9874a6898b74e7b32f0761f779237a5d874bb9d06d0e654d61516862275f6af3316235dc0f5e1795e19fcd1328
SSDEEP

393216:JpPEeGuTO28vhK7bwNDBsgyYtmj7CXpMOEuK8LfECnX7vti5:JxGuohKHWFeOEiL8CnX7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c383eec87f25fe8dd5c9fc4246fb64d2ca2cbe57ee1d6f113226d3cb15babe04

Files

c383eec87f25fe8dd5c9fc4246fb64d2ca2cbe57ee1d6f113226d3cb15babe04
.exe windows:6 windows x86

a8c2ba54a14ed78bc93566344853895b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetWindowRect

gdi32

CreateHatchBrush

advapi32

RegDeleteValueW

shell32

SHGetDesktopFolder

ole32

CoInitialize

oleaut32

LoadTypeLi

comctl32

ImageList_Destroy

gdiplus

GdipCreateBitmapFromHBITMAP

msimg32

TransparentBlt

shlwapi

PathFindFileNameW

uxtheme

OpenThemeData

oledlg

OleUIBusyW

ws2_32

WSACleanup

oleacc

AccessibleObjectFromWindow

imm32

ImmReleaseContext

winmm

PlaySoundW

winspool.drv

ClosePrinter

Sections

.text
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7JA
Size: - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.0}+
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.[=w
Size: 15.2MB - Virtual size: 15.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8c2ba54a14ed78bc93566344853895b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

msimg32

shlwapi

uxtheme

oledlg

ws2_32

oleacc

imm32

winmm

winspool.drv

Sections

.text Size: - Virtual size: 1.7MB

.rdata Size: - Virtual size: 372KB

.data Size: - Virtual size: 45KB

.7JA Size: - Virtual size: 10.6MB

.0}+ Size: 3KB - Virtual size: 3KB

.[=w Size: 15.2MB - Virtual size: 15.2MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 176KB - Virtual size: 176KB

.text
Size: - Virtual size: 1.7MB

.rdata
Size: - Virtual size: 372KB

.data
Size: - Virtual size: 45KB

.7JA
Size: - Virtual size: 10.6MB

.0}+
Size: 3KB - Virtual size: 3KB

.[=w
Size: 15.2MB - Virtual size: 15.2MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 176KB - Virtual size: 176KB