5fd57ec3966847e7bd7c378dc7d3046985c2521d62dd26c0902b463275a78017

Sharing

Copy URL Twitter E-mail

General

Target

5fd57ec3966847e7bd7c378dc7d3046985c2521d62dd26c0902b463275a78017
Size

14.1MB
MD5

a31c1064448a49358a19df988fc51bef
SHA1

dd0adf69d7fca650207fa2b28d65d94d3ee3e754
SHA256

5fd57ec3966847e7bd7c378dc7d3046985c2521d62dd26c0902b463275a78017
SHA512

928712ac59d123281ba2417e2ee875ce128c3165209a2d426a813b9e0de507a4b62e765882df9ca9dd6217fe326f98fc5290e2a59be2b826fb092681016eff00
SSDEEP

196608:fFLOyomFHKnPvRhL6sLnbBf2aSQdrmKpdqC7MRPOZVlmaFayNgN0B+kmqz0J6O2/:fF+nbBf6QdrVn57MAlmCaUP0Jcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fd57ec3966847e7bd7c378dc7d3046985c2521d62dd26c0902b463275a78017

Files

5fd57ec3966847e7bd7c378dc7d3046985c2521d62dd26c0902b463275a78017
.exe windows:6 windows x86

f145a9a3f9f6d317249cbf6c51126ed7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryPerformanceFrequency

user32

SetPropW

gdi32

CreateCompatibleDC

msimg32

AlphaBlend

winspool.drv

OpenPrinterW

advapi32

RegEnumKeyExW

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

PathStripToRootW

uxtheme

DrawThemeBackground

ole32

OleDestroyMenuDescriptor

oleaut32

SafeArrayDestroy

oledlg

OleUIBusyW

gdiplus

GdipCreateFromHDC

oleacc

AccessibleObjectFromWindow

imm32

ImmReleaseContext

winmm

PlaySoundW

ws2_32

inet_addr

Sections

.text
Size: - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 537KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svmp1
Size: - Virtual size: 2.3MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp2
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp5
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svmp6
Size: 416KB - Virtual size: 416KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f145a9a3f9f6d317249cbf6c51126ed7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

oleacc

imm32

winmm

ws2_32

Sections

.text Size: - Virtual size: 3.9MB

.rdata Size: - Virtual size: 537KB

.data Size: - Virtual size: 56KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.svmp1 Size: - Virtual size: 2.3MB

.svmp2 Size: 3.9MB - Virtual size: 3.9MB

.svmp3 Size: 2.6MB - Virtual size: 2.6MB

.svmp4 Size: 5.8MB - Virtual size: 5.8MB

.svmp5 Size: 13KB - Virtual size: 12KB

.svmp6 Size: 416KB - Virtual size: 416KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: - Virtual size: 3.9MB

.rdata
Size: - Virtual size: 537KB

.data
Size: - Virtual size: 56KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.svmp1
Size: - Virtual size: 2.3MB

.svmp2
Size: 3.9MB - Virtual size: 3.9MB

.svmp3
Size: 2.6MB - Virtual size: 2.6MB

.svmp4
Size: 5.8MB - Virtual size: 5.8MB

.svmp5
Size: 13KB - Virtual size: 12KB

.svmp6
Size: 416KB - Virtual size: 416KB

.reloc
Size: 16KB - Virtual size: 16KB