88998b142405cda30162aa3792a3dcd19d2a470ba93efb2c74dff9158a1cc1f4

Sharing

Copy URL Twitter E-mail

General

Target

88998b142405cda30162aa3792a3dcd19d2a470ba93efb2c74dff9158a1cc1f4
Size

6.2MB
MD5

ab7d707a267ee817e0e52592baf1a43c
SHA1

80cdd65db7f843f1ee34fe779ca87774e805f45c
SHA256

88998b142405cda30162aa3792a3dcd19d2a470ba93efb2c74dff9158a1cc1f4
SHA512

96018777c5bf4f97ccac9b1e9b6a5ea77c99a9251ff839b8268578a4f1ea2e7972ea4d3aef084fdc1d11ae5bfe2f4b108c7f44297e3fc32e037d0155914f64a1
SSDEEP

98304:+U14Na9qL7LU7+3m9TcOunaOYyP6ojFxrDFCMkflv6JLFejFEXrXD/x467:HGgcTLaO0oIMktv6ek/x4i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88998b142405cda30162aa3792a3dcd19d2a470ba93efb2c74dff9158a1cc1f4

Files

88998b142405cda30162aa3792a3dcd19d2a470ba93efb2c74dff9158a1cc1f4
.exe windows:6 windows x86 arch:x86

0bfb2a1fed7f04eeb8441b6ca423903c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetModuleHandleA

user32

CopyImage

gdi32

CreateSolidBrush

msimg32

TransparentBlt

winspool.drv

DocumentPropertiesW

advapi32

RegCreateKeyExW

shell32

SHGetKnownFolderPath

comctl32

InitCommonControlsEx

shlwapi

PathRemoveFileSpecW

uxtheme

IsThemeBackgroundPartiallyTransparent

ole32

CoInitializeEx

oleaut32

VarBstrFromDate

oledlg

OleUIBusyW

gdiplus

GdipDrawImageI

version

GetFileVersionInfoW

ws2_32

ioctlsocket

oleacc

LresultFromObject

imm32

ImmReleaseContext

winmm

PlaySoundW

secur32

GetUserNameExA

wininet

DeleteUrlCacheEntryW

urlmon

URLDownloadToFileW

iphlpapi

GetAdaptersInfo

Sections

.text
Size: - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo
Size: 533KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0bfb2a1fed7f04eeb8441b6ca423903c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

version

ws2_32

oleacc

imm32

winmm

secur32

wininet

urlmon

iphlpapi

Sections

.text Size: - Virtual size: 7.6MB

.mapo Size: 4.7MB - Virtual size: 4.7MB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.mapo Size: 533KB - Virtual size: 536KB

.mapo2 Size: 512B - Virtual size: 4KB

.text
Size: - Virtual size: 7.6MB

.mapo
Size: 4.7MB - Virtual size: 4.7MB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.mapo
Size: 533KB - Virtual size: 536KB

.mapo2
Size: 512B - Virtual size: 4KB