cb47bd549179e41c2e331c2b67b010a0b179c67ed64606aa116d01311fa6dd31

Sharing

Copy URL

Twitter E-mail

General

Target

cb47bd549179e41c2e331c2b67b010a0b179c67ed64606aa116d01311fa6dd31
Size

2.5MB
MD5

18a332fae7e9dc6bbb82f9ef7de738ae
SHA1

1f127757ab34cfb967a2cf700d0fb2f9fe4a37f1
SHA256

cb47bd549179e41c2e331c2b67b010a0b179c67ed64606aa116d01311fa6dd31
SHA512

5de45e86863084031e2fc02771963da08c2b55a0bcc1eee48239cb014479972b73cb8bfec0f52f5041945a462c8883b9d24c46c6d0eacffb0fe16c7b14e8df50
SSDEEP

49152:a6BmqqALtZtnrtd/nYBg5ntcPLp4Nr2kSFKeuJttxPoeJNZ7bdse2Zf2Z:a6BmqqALJnrTvYBgCjAr2bVkttxgW/75

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb47bd549179e41c2e331c2b67b010a0b179c67ed64606aa116d01311fa6dd31

Files

cb47bd549179e41c2e331c2b67b010a0b179c67ed64606aa116d01311fa6dd31
.exe windows:5 windows x86 arch:x86

863ab48aed8c5c5f9dadd7250781275d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

gdiplus

GdipFree

iocptcp

TcpSend

iocpudp

UdpInit

user32

GetDC

gdi32

SaveDC

comdlg32

GetFileTitleA

advapi32

FreeSid

shell32

DragFinish

ole32

CoInitialize

oleaut32

SysFreeString

disklessmultiserver

InitMultiSvr

ws2_32

htonl

iphlpapi

SendARP

version

VerQueryValueA

crypt32

CryptMsgClose

wintrust

WinVerifyTrust

rpcrt4

UuidCreate

imm32

ImmGetContext

comctl32

ord17

dbghelp

MiniDumpWriteDump

shlwapi

PathIsUNCA

wininet

InternetOpenA

psapi

GetProcessMemoryInfo

winhttp

WinHttpOpen

Sections

.MPRESS1
Size: 2.1MB - Virtual size: 15.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

863ab48aed8c5c5f9dadd7250781275d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdiplus

iocptcp

iocpudp

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

disklessmultiserver

ws2_32

iphlpapi

version

crypt32

wintrust

rpcrt4

imm32

comctl32

dbghelp

shlwapi

wininet

psapi

winhttp

Sections

.MPRESS1 Size: 2.1MB - Virtual size: 15.4MB

.MPRESS2 Size: 4KB - Virtual size: 4KB

.rsrc Size: 365KB - Virtual size: 365KB

.MPRESS1
Size: 2.1MB - Virtual size: 15.4MB

.MPRESS2
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 365KB - Virtual size: 365KB