eaeba6f52484d7615be81b9a20a8e41eff587f7ff153ef939a14f0f9dfbd1381

Sharing

Copy URL Twitter E-mail

General

Target

eaeba6f52484d7615be81b9a20a8e41eff587f7ff153ef939a14f0f9dfbd1381
Size

13.9MB
MD5

13d4bc017868ccd81c48e430f824e65f
SHA1

980c09987ade89cc8abdc5bbe24a4f5f3048d256
SHA256

eaeba6f52484d7615be81b9a20a8e41eff587f7ff153ef939a14f0f9dfbd1381
SHA512

759186cb09cba3d2713ca85c0770a1900920e9896e79afcd26a58b67904ca7879c2657112e102480dcf1743939748e66098dbb268be6c6a6072ec654871b9c6d
SSDEEP

393216:LergbW6oj+GghLDYf/gF7LtJC4E+DH7nZ2MYmJgzgBfVzI+o:Lergyj+ggF7LtAl+DboMYxCb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eaeba6f52484d7615be81b9a20a8e41eff587f7ff153ef939a14f0f9dfbd1381

Files

eaeba6f52484d7615be81b9a20a8e41eff587f7ff153ef939a14f0f9dfbd1381
.exe windows:5 windows x86

6904daadc589c01f9a13d7568f09c690

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutRestart

ws2_32

ntohl

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

ScrollWindowEx

gdi32

SetPixelV

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegOpenKeyA

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

Sections

.text
Size: - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 386KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.C4D0
Size: - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.C4D1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.C4D2
Size: 13.9MB - Virtual size: 13.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6904daadc589c01f9a13d7568f09c690

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: - Virtual size: 804KB

.rdata Size: - Virtual size: 4.3MB

.data Size: - Virtual size: 386KB

.C4D0 Size: - Virtual size: 6.1MB

.C4D1 Size: 4KB - Virtual size: 2KB

.C4D2 Size: 13.9MB - Virtual size: 13.9MB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: - Virtual size: 804KB

.rdata
Size: - Virtual size: 4.3MB

.data
Size: - Virtual size: 386KB

.C4D0
Size: - Virtual size: 6.1MB

.C4D1
Size: 4KB - Virtual size: 2KB

.C4D2
Size: 13.9MB - Virtual size: 13.9MB

.rsrc
Size: 4KB - Virtual size: 3KB