10f632ff55574e3ba288e20fc1df16dbc3a22b41f79de740bd142ac91ff4305b

Sharing

Copy URL Twitter E-mail

General

Target

10f632ff55574e3ba288e20fc1df16dbc3a22b41f79de740bd142ac91ff4305b
Size

12.0MB
MD5

afb07bb1da5e89e74160e62fa07dc46e
SHA1

0dd7ea30495b9163bdc4b4c9c278fcbb6a90410d
SHA256

10f632ff55574e3ba288e20fc1df16dbc3a22b41f79de740bd142ac91ff4305b
SHA512

652e89bfc894253bc096de08ac1d567069fbb77e658d83554de1d49f6adc560e2fcab3a514e5273eec74c0e8da8b58225c694b94af0a6bc75a457550f2d61497
SSDEEP

196608:X5FXj9NMtBHeyoww08ZwUHHckfPPu9PRimPkVt:/X4tBHeyowx8qCb3FmPk7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10f632ff55574e3ba288e20fc1df16dbc3a22b41f79de740bd142ac91ff4305b

Files

10f632ff55574e3ba288e20fc1df16dbc3a22b41f79de740bd142ac91ff4305b
.exe windows:5 windows x86

67f94a68e55b0c312f5d5b5f5c833874

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

send

kernel32

GetVersion
GetVersionExA
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

PeekMessageA

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ImageList_GetImageCount

comdlg32

ChooseColorA

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 369KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.)pi
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Bv>
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.(0^
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67f94a68e55b0c312f5d5b5f5c833874

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 96KB - Virtual size: 369KB

.)pi Size: 4.3MB - Virtual size: 4.3MB

.Bv> Size: 4KB - Virtual size: 2KB

.(0^ Size: 3.6MB - Virtual size: 3.6MB

.rsrc Size: 108KB - Virtual size: 105KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 96KB - Virtual size: 369KB

.)pi
Size: 4.3MB - Virtual size: 4.3MB

.Bv>
Size: 4KB - Virtual size: 2KB

.(0^
Size: 3.6MB - Virtual size: 3.6MB

.rsrc
Size: 108KB - Virtual size: 105KB