b345f8a1bab161c428de71559251c1613d831fd46280fbb3100f1ee4fc381387

Sharing

Copy URL Twitter E-mail

General

Target

b345f8a1bab161c428de71559251c1613d831fd46280fbb3100f1ee4fc381387
Size

11.9MB
MD5

3603219a5c30fd64d46733c009e0e114
SHA1

0cafccd83980fe1fd9fadbd5e923b70cb4b204a8
SHA256

b345f8a1bab161c428de71559251c1613d831fd46280fbb3100f1ee4fc381387
SHA512

6c859316064f27fad2f5a641e728d727dea640664f6b39655b634f403829d9f0288b50020c3fc87fadcc00f0717f01bf71a64b08a5beef5c4107728b3267931e
SSDEEP

196608:TnQZhnPdPz/bmqK4nVKOAty2TftcQmQWI6QBaW7TiHVURJ4P9A:TQZBZTwcKOA9ft3mFcBzXi3Pe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b345f8a1bab161c428de71559251c1613d831fd46280fbb3100f1ee4fc381387

Files

b345f8a1bab161c428de71559251c1613d831fd46280fbb3100f1ee4fc381387
.exe windows:4 windows x86

625cbd0b7cb73ab43a513e6ba8277007

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
RaiseException

user32

ModifyMenuA
GetClientRect

advapi32

RegSetValueExA
RegCloseKey

gdi32

SetMapMode
LineTo

winspool.drv

DocumentPropertiesA
OpenPrinterA

comctl32

ord17
ord17

shlwapi

PathFileExistsA

winmm

waveOutRestart

ws2_32

ntohl

rasapi32

RasHangUpA

shell32

ShellExecuteA

ole32

OleUninitialize

oleaut32

UnRegisterTypeLi

wininet

InternetCloseHandle

comdlg32

GetOpenFileNameA

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 543KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 3.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 432KB - Virtual size: 428KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

625cbd0b7cb73ab43a513e6ba8277007

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

winspool.drv

comctl32

shlwapi

winmm

ws2_32

rasapi32

shell32

ole32

oleaut32

wininet

comdlg32

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 2.4MB

.data Size: - Virtual size: 543KB

.rsrc Size: 40KB - Virtual size: 36KB

.svmp1 Size: - Virtual size: 3.2MB

.svmp2 Size: 4.5MB - Virtual size: 4.5MB

.svmp3 Size: 1.8MB - Virtual size: 1.8MB

.svmp4 Size: 5.0MB - Virtual size: 5.0MB

.svmp5 Size: 12KB - Virtual size: 11KB

.svmp6 Size: 432KB - Virtual size: 428KB

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 2.4MB

.data
Size: - Virtual size: 543KB

.rsrc
Size: 40KB - Virtual size: 36KB

.svmp1
Size: - Virtual size: 3.2MB

.svmp2
Size: 4.5MB - Virtual size: 4.5MB

.svmp3
Size: 1.8MB - Virtual size: 1.8MB

.svmp4
Size: 5.0MB - Virtual size: 5.0MB

.svmp5
Size: 12KB - Virtual size: 11KB

.svmp6
Size: 432KB - Virtual size: 428KB