cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615

Sharing

Copy URL

Twitter E-mail

General

Target

cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615
Size

13.5MB
MD5

8b51dc6776d7107152bf6b98ecc44195
SHA1

8a127f154df6aea1d80224c04be37ee5ae4c51af
SHA256

cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615
SHA512

0b26d4e0bbac268d295a65d22beb903c7e14eb576314864a27d855259d64649222e43bc6e4ab5271dc30d766e5a4c20f23f59d60362de78b9f277947a070aed2
SSDEEP

393216:NayqiLvxaN0jU21Ya74sj2Anv+geYYzpKez3BL7+1:bq9AU26aEsj2Axh2pKQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615

Files

cd268529983dfaeb90e0869f9fda79329e257b47a99d25ef4c5997da7263d615
.exe windows:5 windows x86 arch:x86

775df5eb0b81183ac3d80edc69807443

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamStop

ws2_32

WSAAsyncSelect

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

PeekMessageA

gdi32

ExtSelectClipRgn

msimg32

GradientFill

winspool.drv

ClosePrinter

advapi32

RegQueryValueExA

shell32

Shell_NotifyIconA

ole32

OleRun

oleaut32

UnRegisterTypeLi

comctl32

_TrackMouseEvent

wldap32

ord29

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 983KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.M{]
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.+Ir
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.+-V
Size: 13.5MB - Virtual size: 13.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

775df5eb0b81183ac3d80edc69807443

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wldap32

comdlg32

Sections

.text Size: - Virtual size: 983KB

.rdata Size: - Virtual size: 6.1MB

.data Size: - Virtual size: 327KB

.M{] Size: - Virtual size: 5.5MB

.+Ir Size: 4KB - Virtual size: 2KB

.+-V Size: 13.5MB - Virtual size: 13.5MB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 983KB

.rdata
Size: - Virtual size: 6.1MB

.data
Size: - Virtual size: 327KB

.M{]
Size: - Virtual size: 5.5MB

.+Ir
Size: 4KB - Virtual size: 2KB

.+-V
Size: 13.5MB - Virtual size: 13.5MB

.rsrc
Size: 8KB - Virtual size: 5KB