41703b371feffe3fb6e32c597d94de54

Sharing

Copy URL Twitter E-mail

General

Target

41703b371feffe3fb6e32c597d94de54
Size

793KB
MD5

41703b371feffe3fb6e32c597d94de54
SHA1

53b69db1cfc67a706e65a0757c1a51758a318c9d
SHA256

1132144a7e0d16314341914eb4c5efa961202d0567d18ba691185297ea23d2de
SHA512

a301ad3704fd229067867f69c98147933376bdaaed460af79c049b3999c28ddae8c144c11964a4eec846d82d484f44f42e16ef92eb95c819c6e76bd137baac36
SSDEEP

24576:cI5WYWC2lgq01hu3w9YQ/Nwzj/8n5v2zm:97Mgq01Cw9V/NS78nt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41703b371feffe3fb6e32c597d94de54

Files

41703b371feffe3fb6e32c597d94de54
.dll windows:4 windows x86 arch:x86

00d3e76e1b915fb0d43b094aeba0f56d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindFirstFileA
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetParent

advapi32

RegOpenKeyExA

oleaut32

SafeArrayCreate

version

GetFileVersionInfoA

gdi32

GetClipBox

winmm

PlaySoundA

comctl32

ImageList_DragMove

shell32

Shell_NotifyIconA

Exports

Exports

HookOff
HookOn

Sections

CODE
Size: - Virtual size: 321KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MirXz0
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MirXz1
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.MirXz2
Size: 787KB - Virtual size: 786KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00d3e76e1b915fb0d43b094aeba0f56d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

version

gdi32

winmm

comctl32

shell32

Exports

Exports

Sections

CODE Size: - Virtual size: 321KB

DATA Size: - Virtual size: 4KB

BSS Size: - Virtual size: 3KB

.idata Size: - Virtual size: 8KB

.edata Size: - Virtual size: 84B

.MirXz0 Size: - Virtual size: 23KB

.rsrc Size: 4KB - Virtual size: 331KB

.MirXz1 Size: - Virtual size: 204KB

.MirXz2 Size: 787KB - Virtual size: 786KB

.reloc Size: 512B - Virtual size: 144B

CODE
Size: - Virtual size: 321KB

DATA
Size: - Virtual size: 4KB

BSS
Size: - Virtual size: 3KB

.idata
Size: - Virtual size: 8KB

.edata
Size: - Virtual size: 84B

.MirXz0
Size: - Virtual size: 23KB

.rsrc
Size: 4KB - Virtual size: 331KB

.MirXz1
Size: - Virtual size: 204KB

.MirXz2
Size: 787KB - Virtual size: 786KB

.reloc
Size: 512B - Virtual size: 144B