5f3bb03ea4085ee1bd700f8524062e5a65cece73808fb0362b185aeba1d50af0

Sharing

Copy URL Twitter E-mail

General

Target

5f3bb03ea4085ee1bd700f8524062e5a65cece73808fb0362b185aeba1d50af0
Size

7.1MB
MD5

12d1eb749b062fa467701c0e74c03724
SHA1

9006b611ccd343241019902e1d2b3f5b7cf96274
SHA256

5f3bb03ea4085ee1bd700f8524062e5a65cece73808fb0362b185aeba1d50af0
SHA512

fc9b019ccf1c136f656a90e2d1e03809766aac100f4dd7d8fb5f54dfaec38fe027881c29b2b57f562453d68ac6641eb05ae5cadcde00c28df08ec4d38789cdf0
SSDEEP

98304:RvbvXJNx0R572L8hGwbagSvKXOiJtviENHL1hS+hQ5eEpGcSxQMQzEAm9v:RDvJbcA16aPvRi3iENHRPSMcIksv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f3bb03ea4085ee1bd700f8524062e5a65cece73808fb0362b185aeba1d50af0

Files

5f3bb03ea4085ee1bd700f8524062e5a65cece73808fb0362b185aeba1d50af0
.exe windows:5 windows x86 arch:x86

a36b3fc73084c1c116d69c7ab36929f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharUpperA
CharUpperBuffW

gdi32

CreateRectRgnIndirect

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

VariantCopy

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 699KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.i+P
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.)|G
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.*dP
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36b3fc73084c1c116d69c7ab36929f3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: - Virtual size: 699KB

.rdata Size: - Virtual size: 1.2MB

.data Size: - Virtual size: 268KB

.i+P Size: - Virtual size: 3.8MB

.)|G Size: 4KB - Virtual size: 2KB

.*dP Size: 6.9MB - Virtual size: 6.9MB

.rsrc Size: 164KB - Virtual size: 160KB

.text
Size: - Virtual size: 699KB

.rdata
Size: - Virtual size: 1.2MB

.data
Size: - Virtual size: 268KB

.i+P
Size: - Virtual size: 3.8MB

.)|G
Size: 4KB - Virtual size: 2KB

.*dP
Size: 6.9MB - Virtual size: 6.9MB

.rsrc
Size: 164KB - Virtual size: 160KB