5b1fd6d20b7d89bdba3efd120d332dfc82888e1851dd8b6a07cb3df8d5629925

Sharing

Copy URL Twitter E-mail

General

Target

5b1fd6d20b7d89bdba3efd120d332dfc82888e1851dd8b6a07cb3df8d5629925
Size

12.2MB
MD5

fb74002fd06c4cada4d934e7079a3938
SHA1

08147e5cb31dd78ac91757472a99ca7a8728d47b
SHA256

5b1fd6d20b7d89bdba3efd120d332dfc82888e1851dd8b6a07cb3df8d5629925
SHA512

97118ef6eb03fc1e794c89e62aee1b09fcdd7ac6deae5094a08914c086d4dc859412a779945453c7662654455700c7080ae4bb449e40fe6054a63b1f2f8d8f53
SSDEEP

393216:anWvvHxdmusm5InhoJK3TM7uW++qSzkYr9:aWbWm5IWEQuuqSAYr9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b1fd6d20b7d89bdba3efd120d332dfc82888e1851dd8b6a07cb3df8d5629925

Files

5b1fd6d20b7d89bdba3efd120d332dfc82888e1851dd8b6a07cb3df8d5629925
.dll windows:4 windows x86

31a4ed8dbeb6ab9f71731f2a614442cf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

midiStreamRestart

ws2_32

htons

rasapi32

RasHangUpA

kernel32

IsBadReadPtr

user32

GetDesktopWindow

gdi32

LineTo

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueExA

shell32

Shell_NotifyIconA

ole32

OleRun

oleaut32

SafeArrayAccessData

comctl32

ImageList_Add

wsock32

getservbyname

wininet

InternetCloseHandle

comdlg32

ChooseColorA

Exports

Exports

_��ȡӳ��
asm_ʮ��ʮ
��ȡ��ھ��1
��
ת��嵽��

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 8.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 4KB - Virtual size: 165B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31a4ed8dbeb6ab9f71731f2a614442cf

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wsock32

wininet

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 1.7MB

.data Size: - Virtual size: 1.1MB

.rsrc Size: 24KB - Virtual size: 23KB

.svmp1 Size: - Virtual size: 8.8MB

.svmp2 Size: 9.6MB - Virtual size: 9.6MB

.svmp3 Size: 2.6MB - Virtual size: 2.6MB

.svmp4 Size: 4KB - Virtual size: 165B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 1.7MB

.data
Size: - Virtual size: 1.1MB

.rsrc
Size: 24KB - Virtual size: 23KB

.svmp1
Size: - Virtual size: 8.8MB

.svmp2
Size: 9.6MB - Virtual size: 9.6MB

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

.svmp4
Size: 4KB - Virtual size: 165B

.reloc
Size: 12KB - Virtual size: 8KB