fe517954c9e7465f2f7c8c6ca9336a0b8e17cc45b3433d931ef10d1193e0dd56

Sharing

Copy URL Twitter E-mail

General

Target

fe517954c9e7465f2f7c8c6ca9336a0b8e17cc45b3433d931ef10d1193e0dd56
Size

3.2MB
MD5

6133190ddb3d2971b1b28a5e3d95152b
SHA1

577637f00dd4e272e44c54b20f971ebb58b1661c
SHA256

fe517954c9e7465f2f7c8c6ca9336a0b8e17cc45b3433d931ef10d1193e0dd56
SHA512

1a27cc86260685ca4ec7c8dc42c18ea4030371327e1a0e6194652b4f2ca5839db2088ce553848dbd954b32f98b4e0adac5357770feb1b87c8114c10fc053f303
SSDEEP

98304:ctIISaqsl+Hya048BORZOHnJ6RbfMsvjK5cVRAzOa8:ctjSXsl5v48BO34nJ6tfMsvu5I+qa8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe517954c9e7465f2f7c8c6ca9336a0b8e17cc45b3433d931ef10d1193e0dd56

Files

fe517954c9e7465f2f7c8c6ca9336a0b8e17cc45b3433d931ef10d1193e0dd56
.exe windows:5 windows x86

b5d2932f78f4cad902ae4eeb5fb46860

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExW

comdlg32

GetFileTitleW

gdi32

CreateDIBitmap

imm32

ImmGetOpenStatus

kernel32

GetACP

msimg32

AlphaBlend

netapi32

Netbios

oleacc

AccessibleObjectFromWindow

oleaut32

SysAllocStringLen

shell32

SHAppBarMessage

shlwapi

PathRemoveFileSpecW

user32

CopyIcon

wininet

InternetOpenA

winmm

PlaySoundW

winspool.drv

OpenPrinterW

ws2_32

gethostbyname

gdiplus

GdipDisposeImage

ole32

CoInitializeEx

oledlg

OleUIBusyW

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

CODE
Size: 1.7MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5d2932f78f4cad902ae4eeb5fb46860

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comdlg32

gdi32

imm32

kernel32

msimg32

netapi32

oleacc

oleaut32

shell32

shlwapi

user32

wininet

winmm

winspool.drv

ws2_32

gdiplus

ole32

oledlg

msvcrt

iphlpapi

psapi

Sections

CODE Size: 1.7MB - Virtual size: 2.6MB

.sedata Size: 1.5MB - Virtual size: 1.5MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 27KB - Virtual size: 28KB

.sedata Size: 4KB - Virtual size: 4KB

CODE
Size: 1.7MB - Virtual size: 2.6MB

.sedata
Size: 1.5MB - Virtual size: 1.5MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 27KB - Virtual size: 28KB

.sedata
Size: 4KB - Virtual size: 4KB