6976882af51678ea8a46f899d91b7427ad9ec1d865d57b0473c4577456855f13

Sharing

Copy URL Twitter E-mail

General

Target

6976882af51678ea8a46f899d91b7427ad9ec1d865d57b0473c4577456855f13
Size

4.8MB
MD5

2e4f2e9ca8f943b43da889761aad3ffc
SHA1

62897b4407666dcce984d40807b459263a09288d
SHA256

6976882af51678ea8a46f899d91b7427ad9ec1d865d57b0473c4577456855f13
SHA512

849d2ddf79831d51216e6b4d1751fd882bbafa0aeef02f1f05d685764ab870c3f3bed4d6e22986a3651b23cb2f4e7a89d1375ca1b9d229ff197fba1b9dc4ebd7
SSDEEP

98304:r1kAB4o/IsxNtu/Qt3V59qbkIlWdvCWJh9pHn3oWJ6alOyCgR4J4SjDCyp:rduo/pxztF59qEvCAPH3vblqgR3aCyp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6976882af51678ea8a46f899d91b7427ad9ec1d865d57b0473c4577456855f13

Files

6976882af51678ea8a46f899d91b7427ad9ec1d865d57b0473c4577456855f13
.exe windows:4 windows x86 arch:x86

2d2c34a26a97d016ad58d8c377daf299

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
HeapSize

shlwapi

PathFindExtensionA

ws2_32

htons
inet_ntoa

version

GetFileVersionInfoSizeA

user32

GetDlgItem
SetWindowRgn

advapi32

RegCloseKey
RegCreateKeyExA

shell32

SHGetSpecialFolderPathA
DragQueryFileA

ole32

CLSIDFromProgID

psapi

GetModuleInformation

oleaut32

SafeArrayAllocData
RegisterTypeLi

winmm

midiStreamOpen

gdi32

ExcludeClipRect

winspool.drv

ClosePrinter

comctl32

ImageList_BeginDrag

comdlg32

GetSaveFileNameA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

Sections

.text
Size: 3.3MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d2c34a26a97d016ad58d8c377daf299

Headers

File Characteristics

Imports

kernel32

shlwapi

ws2_32

version

user32

advapi32

shell32

ole32

psapi

oleaut32

winmm

gdi32

winspool.drv

comctl32

comdlg32

msvcrt

iphlpapi

Sections

.text Size: 3.3MB - Virtual size: 6.8MB

.sedata Size: 1.5MB - Virtual size: 1.5MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 12KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 3.3MB - Virtual size: 6.8MB

.sedata
Size: 1.5MB - Virtual size: 1.5MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 12KB

.sedata
Size: 4KB - Virtual size: 4KB