044d47d14c6d60069bd0c9f84a42b89972ce512a9fa047abe8e237cdbd863649

Sharing

Copy URL Twitter E-mail

General

Target

044d47d14c6d60069bd0c9f84a42b89972ce512a9fa047abe8e237cdbd863649
Size

2.3MB
MD5

67d9c8bb9014ee51a4a42521bb3b5627
SHA1

ed1f067e785c5cf7a94b36409d6f55c63f3f2352
SHA256

044d47d14c6d60069bd0c9f84a42b89972ce512a9fa047abe8e237cdbd863649
SHA512

36de321669db0370f3fe081321d17e90cf2e4362b297ef64e83c8239c4fbdd147d639f73a7727e00a031e1666fc9d9bd034d87f9fc557cdc950c4b586c52a240
SSDEEP

49152:Avz0YnhEJ6V8WCP0s3pUns0F/pPQjg/2D2KgiDn/j4:Qz0YnhEJ6V8q6ajxpEU2qKgm/c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044d47d14c6d60069bd0c9f84a42b89972ce512a9fa047abe8e237cdbd863649

Files

044d47d14c6d60069bd0c9f84a42b89972ce512a9fa047abe8e237cdbd863649
.exe windows:4 windows x86 arch:x86

fafe12897942d136b5f2cdcc91d2d4b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

socket

rasapi32

RasHangUpA

kernel32

QueryPerformanceFrequency

user32

SetMenu

gdi32

LineTo

msimg32

GradientFill

winspool.drv

DocumentPropertiesA

advapi32

RegQueryValueExA

shell32

Shell_NotifyIconA

ole32

CoDisconnectObject

oleaut32

SysAllocStringLen

comctl32

ImageList_Draw

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 1.2MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.fuck
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fuck
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fafe12897942d136b5f2cdcc91d2d4b4

Headers

File Characteristics

Imports

iphlpapi

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wininet

comdlg32

msvcrt

psapi

Sections

.text Size: 1.2MB - Virtual size: 3.3MB

.fuck Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.fuck Size: 4KB - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 3.3MB

.fuck
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.fuck
Size: 4KB - Virtual size: 4KB