370af4ec24b8874649ddcb3601c2474899068120b5ef3bf52a642fc7b366c415

Sharing

Copy URL Twitter E-mail

General

Target

370af4ec24b8874649ddcb3601c2474899068120b5ef3bf52a642fc7b366c415
Size

7.5MB
MD5

a4cd8bc8a9ee397b9c90e4425df4f92e
SHA1

0927e794afd2dd4c6e990f6a664451bec4e5bf3a
SHA256

370af4ec24b8874649ddcb3601c2474899068120b5ef3bf52a642fc7b366c415
SHA512

40ce83d72f854e81f11b0f89e72170958e561ec0d454cdc778afbafbbb5a712eab1352d53ddcff7e9b6b44145e8270a1d21426596b87da0b147134092a05e0f5
SSDEEP

196608:e7pmvs9s0Mp6g2ZqKqjxZ/Lmras8/yNVsQP6U:Umv9pp6xZ18n/LWlrvsm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
370af4ec24b8874649ddcb3601c2474899068120b5ef3bf52a642fc7b366c415

Files

370af4ec24b8874649ddcb3601c2474899068120b5ef3bf52a642fc7b366c415
.exe windows:5 windows x86 arch:x86

34ec1361320fd3ebf59ed23863d11188

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

GetAce

iphlpapi

GetIfTable

shell32

ILFree

hid

HidP_GetCaps

setupapi

SetupInstallFileA

dhcpcsvc

DhcpIsEnabled

dhcpcsvc6

Dhcpv6IsEnabled

psapi

EnumProcesses

wsock32

bind

ws2_32

socket

hpsocket_u

HP_Create_HttpServer

avcodec-58

avcodec_close

avformat-58

av_read_frame

avutil-56

av_log

sdl2

SDL_Quit

sdl2_image

IMG_Init

sdl2_ttf

TTF_Init

swscale-5

sws_scale

imm32

ImmGetContext

wininet

FtpCommandW

oleacc

LresultFromObject

dbghelp

MiniDumpWriteDump

uxtheme

DrawThemeParentBackground

winmm

PlaySoundW

gdiplus

ord1

oledlg

OleUIBusyW

oleaut32

SafeArrayGetUBound

ole32

OleRun

shlwapi

PathIsUNCW

comctl32

ImageList_Create

winspool.drv

GetJobW

comdlg32

GetFileTitleW

msimg32

AlphaBlend

gdi32

ArcTo

Sections

.AKS1
Size: 3.4MB - Virtual size: 8.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS2
Size: 3.9MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34ec1361320fd3ebf59ed23863d11188

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

iphlpapi

shell32

hid

setupapi

dhcpcsvc

dhcpcsvc6

psapi

wsock32

ws2_32

hpsocket_u

avcodec-58

avformat-58

avutil-56

sdl2

sdl2_image

sdl2_ttf

swscale-5

imm32

wininet

oleacc

dbghelp

uxtheme

winmm

gdiplus

oledlg

oleaut32

ole32

shlwapi

comctl32

winspool.drv

comdlg32

msimg32

gdi32

Sections

.AKS1 Size: 3.4MB - Virtual size: 8.3MB

.AKS2 Size: 3.9MB - Virtual size: 5.7MB

.AKS3 Size: 1KB - Virtual size: 1KB

.rsrc Size: 193KB - Virtual size: 193KB

.AKS1
Size: 3.4MB - Virtual size: 8.3MB

.AKS2
Size: 3.9MB - Virtual size: 5.7MB

.AKS3
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 193KB - Virtual size: 193KB