f80fdff32d93bc8868764939be80cb215a9bef045ac7d0253e93d6620ac604ca

Sharing

Copy URL

Twitter E-mail

General

Target

f80fdff32d93bc8868764939be80cb215a9bef045ac7d0253e93d6620ac604ca
Size

14.0MB
MD5

3fdc34694fab289b4b8fd2939e6692b8
SHA1

d564ed5a7785683c6a32d1b39671be0588d77a5d
SHA256

f80fdff32d93bc8868764939be80cb215a9bef045ac7d0253e93d6620ac604ca
SHA512

488136c0c53beef7d167fd4945b747e3055d0b733e97c45950626e9c2233396ab5f1e06b2891e1d4f60c57439b09c1106b9735fb27137be050f4ca9e73026662
SSDEEP

196608:16s0V4nVnFMpoAk8nskAJ1+lp3YRZq5zmyLsOia/BCnQNnDAFxSMG5NTMb:os0VKli+AkOskA2YV6hxJCSnOMMG56

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f80fdff32d93bc8868764939be80cb215a9bef045ac7d0253e93d6620ac604ca

Files

f80fdff32d93bc8868764939be80cb215a9bef045ac7d0253e93d6620ac604ca
.exe windows:4 windows x86

78d90c475397723312f36b080f8e6935

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

winmm

waveOutRestart

ws2_32

inet_addr

rasapi32

RasHangUpA

kernel32

SetFilePointer

user32

LoadStringA

gdi32

RoundRect

msimg32

GradientFill

winspool.drv

OpenPrinterA

comdlg32

ChooseColorA

advapi32

RegCloseKey

shell32

DragQueryFileA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ImageList_AddMasked

wldap32

ord29

wininet

InternetCloseHandle

Sections

.text
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 585KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 3.9MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 408KB - Virtual size: 406KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

78d90c475397723312f36b080f8e6935

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wldap32

wininet

Sections

.text Size: - Virtual size: 1.3MB

.rdata Size: - Virtual size: 4.7MB

.data Size: - Virtual size: 585KB

.rsrc Size: 36KB - Virtual size: 32KB

.svmp1 Size: - Virtual size: 3.9MB

.svmp2 Size: 6.3MB - Virtual size: 6.3MB

.svmp3 Size: 1.6MB - Virtual size: 1.6MB

.svmp4 Size: 5.6MB - Virtual size: 5.6MB

.svmp5 Size: 16KB - Virtual size: 13KB

.svmp6 Size: 408KB - Virtual size: 406KB

.text
Size: - Virtual size: 1.3MB

.rdata
Size: - Virtual size: 4.7MB

.data
Size: - Virtual size: 585KB

.rsrc
Size: 36KB - Virtual size: 32KB

.svmp1
Size: - Virtual size: 3.9MB

.svmp2
Size: 6.3MB - Virtual size: 6.3MB

.svmp3
Size: 1.6MB - Virtual size: 1.6MB

.svmp4
Size: 5.6MB - Virtual size: 5.6MB

.svmp5
Size: 16KB - Virtual size: 13KB

.svmp6
Size: 408KB - Virtual size: 406KB