2ada0ae9fe8f9bf6e952957f1b156eb43a6ec6087347400748bc4a39b1e35e89

Sharing

Copy URL Twitter E-mail

General

Target

2ada0ae9fe8f9bf6e952957f1b156eb43a6ec6087347400748bc4a39b1e35e89
Size

1.5MB
MD5

a2807b6fc24c842af393aeba8c2e8e39
SHA1

b9f74f63ec56dfcd3bc27921e99b604ae675c631
SHA256

2ada0ae9fe8f9bf6e952957f1b156eb43a6ec6087347400748bc4a39b1e35e89
SHA512

5ae7cf1ec53b7c694726dbb5a64e82b4fe8c0106aa5d9cb5a5a916d872721529254f34301095436e815ec8abb8c4ff756d93559b7de73feb33d15d072fc28af7
SSDEEP

49152:vFU50N63yfSSgeFhHKVFU7fZDOaRQKfTe1V7Qhgy:vFU5KTfSSgihHRfZ+ga1V7Qhgy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ada0ae9fe8f9bf6e952957f1b156eb43a6ec6087347400748bc4a39b1e35e89

Files

2ada0ae9fe8f9bf6e952957f1b156eb43a6ec6087347400748bc4a39b1e35e89
.dll windows:4 windows x86

ba7c234329520799c66b38456b0f86c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

midiStreamRestart

ws2_32

inet_ntoa

kernel32

GetFileSize

user32

GetSysColorBrush

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

comdlg32

GetOpenFileNameA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

executeDevice
loadKeyDevice
loadMouseDevice

Sections

.text
Size: 424KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba7c234329520799c66b38456b0f86c1

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 424KB - Virtual size: 1.1MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 424KB - Virtual size: 1.1MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB