1f1748f628b3075f97daf687a47299896781c2cfd9fe000091cfec8ce75e933e

Sharing

Copy URL Twitter E-mail

General

Target

1f1748f628b3075f97daf687a47299896781c2cfd9fe000091cfec8ce75e933e
Size

5.3MB
MD5

15b34db41b27b096e5f418e8cbfc7166
SHA1

dc8cf125a877f8b87db8c64e1c12b035fa317a63
SHA256

1f1748f628b3075f97daf687a47299896781c2cfd9fe000091cfec8ce75e933e
SHA512

3d79e3791684c55c6937a767c94c4df7dcafea34a71279f9d5758aebf9d4db09288bddc5c41aa2740e7f09136b8357f918976e5de37ded49904b0e292c93f826
SSDEEP

98304:HlXAmauSiSQ/1gfrMBHODnNI5r60PiBZmIQp5LsVKfHOjP0bJkpTXW:Hlcs1grqr60Pywhs0HOjP0bJITXW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f1748f628b3075f97daf687a47299896781c2cfd9fe000091cfec8ce75e933e

Files

1f1748f628b3075f97daf687a47299896781c2cfd9fe000091cfec8ce75e933e
.dll windows:4 windows x86

1f3b1bb98e863f7d8910019cd90443b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutWrite

ws2_32

inet_ntoa

kernel32

TerminateProcess

user32

BeginPaint

gdi32

LineTo

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

comdlg32

GetOpenFileNameA

Exports

Exports

CloseHandlex
��_SAR_asm
��_SHR_asm

Sections

.text
Size: - Virtual size: 850KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 4.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 4KB - Virtual size: 117B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f3b1bb98e863f7d8910019cd90443b6

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 850KB

.rdata Size: - Virtual size: 178KB

.data Size: - Virtual size: 249KB

.rsrc Size: 12KB - Virtual size: 9KB

.svmp1 Size: - Virtual size: 4.0MB

.svmp2 Size: 3.9MB - Virtual size: 3.9MB

.svmp3 Size: 1.3MB - Virtual size: 1.3MB

.svmp4 Size: 4KB - Virtual size: 117B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 850KB

.rdata
Size: - Virtual size: 178KB

.data
Size: - Virtual size: 249KB

.rsrc
Size: 12KB - Virtual size: 9KB

.svmp1
Size: - Virtual size: 4.0MB

.svmp2
Size: 3.9MB - Virtual size: 3.9MB

.svmp3
Size: 1.3MB - Virtual size: 1.3MB

.svmp4
Size: 4KB - Virtual size: 117B

.reloc
Size: 8KB - Virtual size: 5KB