5fbf26d30c431c9f15a0afaf9dcd2c6996215066f85a6742d7ff3a7646a61bb4

Sharing

Copy URL

Twitter E-mail

General

Target

5fbf26d30c431c9f15a0afaf9dcd2c6996215066f85a6742d7ff3a7646a61bb4
Size

8.7MB
MD5

9dd0d615796004118c7f1afa4c93381e
SHA1

9753fa15e1d1b950136101c35508ab040b5df982
SHA256

5fbf26d30c431c9f15a0afaf9dcd2c6996215066f85a6742d7ff3a7646a61bb4
SHA512

f51174e7937db579986485598b3193e2d7876c101fce43640f537318a076db75bf744cc22e7be0debfad73e2aee1bc66f9d3793116202d4a5010b4cc40500b1d
SSDEEP

196608:EY+akdrS3zGRssZ2K/S/2Y5LIiqGUKNKy8:E7V5gzY1//EFKy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5fbf26d30c431c9f15a0afaf9dcd2c6996215066f85a6742d7ff3a7646a61bb4

Files

5fbf26d30c431c9f15a0afaf9dcd2c6996215066f85a6742d7ff3a7646a61bb4
.exe windows:5 windows x86 arch:x86

efe83f0cb393af7c3eb9ccab4ef7571b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
GetVersionExA
GetVersion
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SystemParametersInfoA
ScreenToClient
CharUpperBuffW

gdi32

CreateEllipticRgn
MoveToEx

winmm

midiStreamClose
waveOutOpen

winspool.drv

DocumentPropertiesA
DocumentPropertiesA

advapi32

RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CLSIDFromString

oleaut32

SafeArrayGetDim
RegisterTypeLi

comctl32

ImageList_Destroy
ImageList_Add

ws2_32

WSAAsyncSelect
inet_ntoa

comdlg32

ChooseColorA

Sections

Upx1
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Upx1
Size: - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Upx1
Size: - Virtual size: 520KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Upx1
Size: - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Upx1
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Upx1
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Upx1
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Upx1
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Upx1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Upx1
Size: 552KB - Virtual size: 549KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Upx1
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efe83f0cb393af7c3eb9ccab4ef7571b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

Upx1 Size: - Virtual size: 1.4MB

Upx1 Size: - Virtual size: 235KB

Upx1 Size: - Virtual size: 520KB

Upx1 Size: - Virtual size: 4.2MB

Upx1 Size: 8KB - Virtual size: 4KB

Upx1 Size: 6.5MB - Virtual size: 6.5MB

Upx1 Size: 8KB - Virtual size: 7KB

Upx1 Size: 1.7MB - Virtual size: 1.7MB

Upx1 Size: 4KB - Virtual size: 4KB

Upx1 Size: 552KB - Virtual size: 549KB

Upx1 Size: 8KB - Virtual size: 7KB

Upx1
Size: - Virtual size: 1.4MB

Upx1
Size: - Virtual size: 235KB

Upx1
Size: - Virtual size: 520KB

Upx1
Size: - Virtual size: 4.2MB

Upx1
Size: 8KB - Virtual size: 4KB

Upx1
Size: 6.5MB - Virtual size: 6.5MB

Upx1
Size: 8KB - Virtual size: 7KB

Upx1
Size: 1.7MB - Virtual size: 1.7MB

Upx1
Size: 4KB - Virtual size: 4KB

Upx1
Size: 552KB - Virtual size: 549KB

Upx1
Size: 8KB - Virtual size: 7KB