4b2e9b0611338ddd58e383a75e4f74bc45ea2c87c3cce8fb0bdd112fc8ceb18e

Sharing

Copy URL Twitter E-mail

General

Target

4b2e9b0611338ddd58e383a75e4f74bc45ea2c87c3cce8fb0bdd112fc8ceb18e
Size

5.5MB
MD5

05f2c1ee2169287e12654264f7eb8641
SHA1

957c2009a894844d16715a45991b37400381d306
SHA256

4b2e9b0611338ddd58e383a75e4f74bc45ea2c87c3cce8fb0bdd112fc8ceb18e
SHA512

7cc6dcc9d2e32d971c88e9ac6ecb84d51be78dfe6f0610a4f8a48a2f0354d8b4ecefcf62510f21f7df7fd2bc4ce5dc27a5689eb812e709449af07ba80d01f280
SSDEEP

98304:AIP2Jh2RJtCRKHoLRNer8rjPfvYbO+apky6ey4vJ5PX1cOgf7cL9x:Aw2MRJtC1Ner2Lnr+mk0bXKOgf7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b2e9b0611338ddd58e383a75e4f74bc45ea2c87c3cce8fb0bdd112fc8ceb18e

Files

4b2e9b0611338ddd58e383a75e4f74bc45ea2c87c3cce8fb0bdd112fc8ceb18e
.dll windows:5 windows x86 arch:x86

279170a85e39a188eeac4643e687d91d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rasapi32

RasHangUpA

kernel32

GetVersionExA
GetVersion
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MessageBoxA
CharUpperBuffW

gdi32

SetMapMode

winmm

waveOutUnprepareHeader

winspool.drv

DocumentPropertiesA

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

accept

wininet

InternetCloseHandle

comdlg32

GetFileTitleA

Exports

Exports

Ay_��װ��
Ay_��
Ay_�ҽӻ��
Ay_ȡ��
Ay_ȡ�߶�
Ay_ȡ��
Ay_ȡ��

Sections

.text
Size: - Virtual size: 679KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.`?i
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.D}}
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.u2[
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

279170a85e39a188eeac4643e687d91d

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wininet

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 679KB

.rdata Size: - Virtual size: 89KB

.data Size: - Virtual size: 227KB

.`?i Size: - Virtual size: 3.2MB

.D}} Size: 4KB - Virtual size: 2KB

.u2[ Size: 5.4MB - Virtual size: 5.4MB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 679KB

.rdata
Size: - Virtual size: 89KB

.data
Size: - Virtual size: 227KB

.`?i
Size: - Virtual size: 3.2MB

.D}}
Size: 4KB - Virtual size: 2KB

.u2[
Size: 5.4MB - Virtual size: 5.4MB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 5KB