66a34518f3bbb0483f3e7997fda1a3b992e04a7f8a91c927bd8c0d4bcc6d25b0

Sharing

Copy URL Twitter E-mail

General

Target

66a34518f3bbb0483f3e7997fda1a3b992e04a7f8a91c927bd8c0d4bcc6d25b0
Size

12.7MB
MD5

11dfc12577e8cd498c12bc54624c7c39
SHA1

58cea95085ae9ec6f6066ca1db688e42277e02d9
SHA256

66a34518f3bbb0483f3e7997fda1a3b992e04a7f8a91c927bd8c0d4bcc6d25b0
SHA512

b29e6f0dcf9b9092cfc1c1a831c2fdf04807776d0fb41963efd534bad0890a133f062156458e2c040c9efec995b47799750b34c4140814188456bf92aad3e95f
SSDEEP

196608:Lbd6hQ61B8xlrJ4LQXHoZTLbOyBao7nbpMlVDhAqDCoLASeb+t56vbE2c2cUOSzW:/QC6IVHXmLqyIkWXD6qOKMc6vojtU9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66a34518f3bbb0483f3e7997fda1a3b992e04a7f8a91c927bd8c0d4bcc6d25b0

Files

66a34518f3bbb0483f3e7997fda1a3b992e04a7f8a91c927bd8c0d4bcc6d25b0
.exe windows:5 windows x86 arch:x86

01512492ef4817aa3ce14d2155c7ab03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamOut

ws2_32

bind

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetFocus
CharUpperBuffW

gdi32

TextOutA

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

SafeArrayDestroy

comctl32

ord17

comdlg32

ChooseFontA

Exports

Exports

�r�ѻ9��EfJ�OxB+�$�xA'�CEl�u�̕1~�\P�w��ms|$r_�qU��b�A}��g��@��`m�+��_`F��_m��A��E�+�;l9��Ï�<4܂�a@:�i��7�湞TP�\��:B^��J��w�~��ۺ�l�K?V�o�m+t� 1ǲ1b^��wdQ9��zN��!k�*�� >a!��px��`42� ��|]&r+#�n�kN`=b+�[�vguԽ�A�b`K�� Qz#�*puK�,#�[�2��Ʌ��lI�M��WGf'�%�켜�Z׆�Y7�I��e�k��B1��ڿ�$��Dy�0��҄3QZ+_CE�4j��X��P�1��5!^��2��3U��nA��eK��q��pd�#_Ĥ��gb��B��٪��r��C�� 4`��h��~9W]��X��TQ��3�>��u��*P��|�e�J�D 璻qޕ�RA�D{~�)a��.,��%�O��8m�� E{��gP;VLAteK�,%x<�HY=��ğh��7p��S��,��F�ώ� �|��%��5�#e�(��o a��ZgBt��%��!P�-X��`��nc�ٳ<X��rC^a��}�FzE��g�dP(Y� ɥ�Xm��uZ��#��,䥛l�dr�ơI��W@R��6҃�_��=1�0�_��O,�� X&,��;H�H2ū�f��iպ� �δ��T��2#0ӏ��A}DN܍u�%{*��w�K��G�}{��;�~�� v��1��U�s\I1�Q�n��#�� g��5B��~��@䕖��,��I��l�w��r��k-o��_ͳ�E��򺪲G��|�8��&� UͶ1��R�l��B%�B`�b��3�:s�g�Ȕf׃��$�' 廒��_��Y��F�� m\4��+V��1Q�+I��e"�7� ,Pڦk�&y\� 5˞Q��;��>��Ɠc��mu�ŭ�A�z�;O0��H��!!�[��(� u)@��jmU��ǚ�h��;.��"Ř��}�gG��r-d��=V�d|�6��X��g0��^�Ȑ�,��G<��*��d��fo��K�"Y��O�TD�!�0s�w?��Hxȣ;��1ƶ'�Yܴ2j+� ;� ��$�bM�Ȭp��bD�A��k5�1[�@��!��l!pV�T=<w��F+�6�e}uB��Me��M�I��9*?F��8�2O/t��<=ϭ�8�)��R��$�mqۉ��Tڏ��j��Ն��s��$�Y�h�l��ACꉿ��c��ﲼ��$�Z�en;֕,�%3�\Pj�4k�Q�Љm�1�A��;�xR��L/�Ju܊.e(z�n��kZ��ę��z��T\��{�ז]ո��SNၔA��+�A]�ɽ|�U�;�4�e�M��($��V/Q11�n_e��m��r6��J~�:��I��KPD��5Q�5��]� (��R��uE�(#��i��_�PVh��3]�ڕ]݉�_Dpɥ�iz��&&6��&��HP��G��[_)��Y�煉�1��]��A�&4ӹ$��L�� UC��#LyN�en��[gL�P��WG�#l��`��f��}��}-�u-P��<%M��S��=�6_r�n榪S��lc9l�'��!��%�X��N�K�- ϓ�g�+�0�]z�ⵊ�&�0nS��'>��Y�d��ϐ��cRN3Ǫ �[j%��J��ze$J��^��18�e��:��#�!F�,�� 9ݸ��l��o3�[�$��3r��eSGAq��X9� ��~��W��H@E9�/;�CIP5��]f7�U�/b�.r�L?ył��=�p��:f�c��'zÓ�y��؎�T{@P,BUU��`~�� O��y岿O�-�u��D�B a��P��A#�~1b4i�<�^�(�Zm�E�\'w˖(�8�Ø�΋z'���^4Yi+p��J$�Y� FN�ؑD��e��Z<�A��%u� ��(��8�ݥf�T��KR�ք��n�5ΰcߊ��l� �S��а��O:w"��g��j�hn)&�A�Cs��#�5~4�ܯ��w[�i^��u�D��ˈ��)�m��o�M=��m-��z��tO�~��w�sp��*Jb�^��?�m��h�I'\,#�1�� j��6�'��3��o�s5�)Mi�g&aky{��~�:)*ɯr��_��2k��"á%R9=6��O ��4��x��h��F��A�z0��[�kNk��]s*��3Աic��ɢ�A�9v8E5!吳y ��U{��9I��G�� 4��$+n>��?F��]�OY�MJ�Y�D� ��$�yK&��e��W:�`��~�� Ǚ`V��j��,<ځ��c�A�"�/z��m��8+�h�`z>��E�A��E&�w��~�~�2��J�]�O��:ƙ��ݽ�dMق�R��..��p��yg]>��S��e}��Mjl��Q?9�0�Tb�5�ʞ ��G��J��:3<!�Cxu̮�1�Y5�lVK�ұTW�=��6E�FZ\፶I.^�1P@Q�S�Ւ\{�k9��7(_�0gE �v��XG<�.�]�qX�NO�m�W�L�~=m��.;Pʚg,�!-�� =�B"v��,<�ia�[r�I7�J��d��G�#B��"j�R^.aO�ҌP�^B�DI��w�(�?ߍPw��=aƔ�3�� 3�G$�R(K2��r�S[�J�l�޿��f�BQ̳M�d��Ug`~kͩd#�j\ Q�v�}��h�

Sections

.text
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.+$F
Size: - Virtual size: 7.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.s_*
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.%'@
Size: 12.7MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01512492ef4817aa3ce14d2155c7ab03

Headers

File Characteristics

Imports

iphlpapi

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 1.6MB

.rdata Size: - Virtual size: 3.2MB

.data Size: - Virtual size: 310KB

.+$F Size: - Virtual size: 7.3MB

.s_* Size: 4KB - Virtual size: 2KB

.%'@ Size: 12.7MB - Virtual size: 12.7MB

.rsrc Size: 40KB - Virtual size: 36KB

.text
Size: - Virtual size: 1.6MB

.rdata
Size: - Virtual size: 3.2MB

.data
Size: - Virtual size: 310KB

.+$F
Size: - Virtual size: 7.3MB

.s_*
Size: 4KB - Virtual size: 2KB

.%'@
Size: 12.7MB - Virtual size: 12.7MB

.rsrc
Size: 40KB - Virtual size: 36KB