44cc24a9884bb281156f4755e21615c53ba9987f7e35d8360d1e9e719bdfa2cc

Sharing

Copy URL Twitter E-mail

General

Target

44cc24a9884bb281156f4755e21615c53ba9987f7e35d8360d1e9e719bdfa2cc
Size

11.8MB
MD5

3452b19ffa18403c54b60a31b0a36979
SHA1

7bb53096ecfe73ae274d76147f64a43751782583
SHA256

44cc24a9884bb281156f4755e21615c53ba9987f7e35d8360d1e9e719bdfa2cc
SHA512

c74743f75f8f62f25cec45680a6d2fe97279a0dff70b5c319a1e413bbeac4faa923adec2da7badb06785b76286fdaa421b2abd516ea9df182efeba97182aac28
SSDEEP

196608:ZDjiXLU+EyCVFbhzUcINhXjBFx/k3Lxuco8GguKJkmeJEykRhdIiHHPLc:ZHq/CVL8B3k3INKyUhdIcz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44cc24a9884bb281156f4755e21615c53ba9987f7e35d8360d1e9e719bdfa2cc

Files

44cc24a9884bb281156f4755e21615c53ba9987f7e35d8360d1e9e719bdfa2cc
.exe windows:5 windows x86 arch:x86

f0336af2a103796d2320cba80bd5150c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

kernel32

GetVersionExA
GetVersion
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

OpenClipboard

gdi32

SelectPalette

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ord17

ws2_32

inet_ntoa

wininet

InternetCanonicalizeUrlA

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cG670
Size: - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

cG671
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cG672
Size: 11.7MB - Virtual size: 11.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0336af2a103796d2320cba80bd5150c

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wininet

comdlg32

Sections

.text Size: - Virtual size: 515KB

.rdata Size: - Virtual size: 77KB

.data Size: - Virtual size: 183KB

cG670 Size: - Virtual size: 6.4MB

cG671 Size: 4KB - Virtual size: 2KB

cG672 Size: 11.7MB - Virtual size: 11.7MB

.rsrc Size: 152KB - Virtual size: 151KB

.text
Size: - Virtual size: 515KB

.rdata
Size: - Virtual size: 77KB

.data
Size: - Virtual size: 183KB

cG670
Size: - Virtual size: 6.4MB

cG671
Size: 4KB - Virtual size: 2KB

cG672
Size: 11.7MB - Virtual size: 11.7MB

.rsrc
Size: 152KB - Virtual size: 151KB