4e7b76ad373ba0e364ce31630a92cd6d3024a31210f284aff92336a5be87355e

Sharing

Copy URL Twitter E-mail

General

Target

4e7b76ad373ba0e364ce31630a92cd6d3024a31210f284aff92336a5be87355e
Size

13.7MB
MD5

04280869154fcaf5b65a2dc2afd94ff9
SHA1

e91f47ffeea6c83a08146ea2ebb74802f0190914
SHA256

4e7b76ad373ba0e364ce31630a92cd6d3024a31210f284aff92336a5be87355e
SHA512

03b36df1ff5326866e32dd0d00c9ce8898a4569572ed3e7dfb3a8577b3812270a771d513db6aa45fa0295839625c5f0d18a75d34044bb2fb1959e1ead516b9f1
SSDEEP

393216:l3m9bVEqcvKwTxFPCnkYEEn7uub3Ols/9UsHe0k7kecF:l3Av3wTHCkYr7Zb3os+Oe0YQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e7b76ad373ba0e364ce31630a92cd6d3024a31210f284aff92336a5be87355e

Files

4e7b76ad373ba0e364ce31630a92cd6d3024a31210f284aff92336a5be87355e
.exe windows:4 windows x86

0a0d4e13c5af7bb72e35350aecbf11a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
IsBadWritePtr

shlwapi

StrToIntW

ws2_32

htons
recvfrom

version

GetFileVersionInfoA

user32

MapWindowPoints
GetWindowTextA

advapi32

RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA
DragQueryFileA

ole32

CoUninitialize

psapi

GetModuleInformation

oleaut32

VariantChangeType
UnRegisterTypeLi

gdi32

SetBkColor
GetViewportExtEx

winspool.drv

ClosePrinter
OpenPrinterA

winmm

waveOutUnprepareHeader

comctl32

ImageList_DragLeave

comdlg32

GetOpenFileNameA

Sections

.text
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 4.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0a0d4e13c5af7bb72e35350aecbf11a3

Headers

File Characteristics

Imports

kernel32

shlwapi

ws2_32

version

user32

advapi32

shell32

ole32

psapi

oleaut32

gdi32

winspool.drv

winmm

comctl32

comdlg32

Sections

.text Size: - Virtual size: 1.5MB

.rdata Size: - Virtual size: 1.0MB

.data Size: - Virtual size: 3.2MB

.rsrc Size: 28KB - Virtual size: 24KB

.svmp1 Size: - Virtual size: 4.1MB

.svmp2 Size: 6.2MB - Virtual size: 6.2MB

.svmp3 Size: 1.1MB - Virtual size: 1.1MB

.svmp4 Size: 5.9MB - Virtual size: 5.9MB

.svmp5 Size: 16KB - Virtual size: 12KB

.svmp6 Size: 400KB - Virtual size: 399KB

.text
Size: - Virtual size: 1.5MB

.rdata
Size: - Virtual size: 1.0MB

.data
Size: - Virtual size: 3.2MB

.rsrc
Size: 28KB - Virtual size: 24KB

.svmp1
Size: - Virtual size: 4.1MB

.svmp2
Size: 6.2MB - Virtual size: 6.2MB

.svmp3
Size: 1.1MB - Virtual size: 1.1MB

.svmp4
Size: 5.9MB - Virtual size: 5.9MB

.svmp5
Size: 16KB - Virtual size: 12KB

.svmp6
Size: 400KB - Virtual size: 399KB