507668332648e93f0d46b0669557eaa651b58fcc8da6619db9484c286f809d15

Sharing

Copy URL

Twitter E-mail

General

Target

507668332648e93f0d46b0669557eaa651b58fcc8da6619db9484c286f809d15
Size

4.2MB
MD5

ecce832fc5ecfbaaaed99f9159fb8ae6
SHA1

b7f2dfa4177700130532600fea12f181c2898c21
SHA256

507668332648e93f0d46b0669557eaa651b58fcc8da6619db9484c286f809d15
SHA512

eeaf3a4ee4e65ba1ce5dd3e612e25da522adaddfddd16a98e19a3f73661b0041004cf06085ef29f0556a56be057aa6ea633cbd82ade16eb2ff892004dd08d752
SSDEEP

98304:IDvMojsVOS/0dJXSuKAGa1YkuQQZpj/qAWvh:IrMqSMKNXvxLj/qAWvh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
507668332648e93f0d46b0669557eaa651b58fcc8da6619db9484c286f809d15

Files

507668332648e93f0d46b0669557eaa651b58fcc8da6619db9484c286f809d15
.exe windows:5 windows x86 arch:x86

8ea38c05d16f2ba60fdc20a0bbb8b1cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetWindowRgn

gdi32

CloseEnhMetaFile

comdlg32

GetOpenFileNameA

shell32

ShellExecuteA

shlwapi

StrChrA

ws2_32

ioctlsocket

wldap32

ord60

advapi32

CryptEncrypt

ole32

CLSIDFromProgID

oleaut32

SysFreeString

comctl32

InitCommonControlsEx

gdiplus

GdipFree

imm32

ImmGetContext

winmm

timeGetTime

Exports

Exports

[f��pdŮ��2�P��9&ì� -�Y�IP�_�˻懤�>p�N鯫&� ygv�ӘQZx��(� 9��~��J�m��ų�ҟk�*?��=o��r�":Pܴe��P��հZ ��c��R$ &�A'w;��>��n]��Hu0mwm�"�@AH��,v��=s��$G��K)#ՃWd-�tC�kD<��pZ��>KJ��x2��]m_��w��&��D�C�T��΍��~��cB��B��0��tRM�䆻g?��í!��ʌ�r�'шP�Ù ��3Gc�1�X3>��֕��Ғ�"�X��u�J��Ղ�ؙF�C�� A��?��WO7��x<o�JP�\�A�zyG۵f*ϓ:ͣ�_��I��L*�N�"?qPZ��0<;)��H d ��7�N��CgVN��#i��5 3�\�+Ā>�6q��n�d�w<悈�$xu��I-� �PWb��Y��e��b��P**-��u��O�w��64��+\�q�$��c��}�^1��r�K�WYu�(z��6�R��\�kڊ�cN�qe]�຦'�!��l�Rk��Ǹ z�!֘=��i�_aƎ��+��o.}�ʎꇱp��N�:�Ɵ^��J�a��_�j4�D*;,Lj��$Sy��h��a��N�� oǈ¬ "[;��y�� *�j��8�<S8GR�3��E�Z�.�[F��j��&I��YR= ��ɓ�q��q��@N,�sG5��R��P~dCg��J��\��oz�y4��ȅP�lL�|)郍�|G L%9J!��G��9\��FIYX��'_�Vt{>�왤�� 9��,S!�;��}`߉A�&9��"klZ�{k`at�\�_[�O�|�t�m��]�h8^�U$�[�C�^j{�� P��8��m�3!z3��!}�$��c��sj�|[��gٺ��C��h�dD��E�}��!a��4��x��)B��Z��_r$��@�!��ˆ��ܜau�r�_NM{'��f�KZ��N}{�9�P\*D��䆴�X�GZq�`.��oN1k'ʱnKj))��_�!<��y�?e+Be��_�:�+�� b�8�7Ww��{�"�B�eR�,;��5�a��`��(n)^DN��&�*�Z��ȉ��._?�T;��n%��H�ߴ2��ϊp��A`:�a8{�ӭ�u�&\��,��T��w?��d0�{��M�A�7YB��=�9��L>�q�� b�qߎdm��!i�a��w�ט��h��>LQ��@�/C�� x��w��O{/��uQ�I��L��!�O˽��q��-#vU ��ƺ�v��cr\:��ާ�:R�7k$�ŏ��=��K7�|�9��X��%H5��\��P�@+��u��!ֺ�K��R8% ��j�V�H��xO��(�ΰe:�j٩��G _D��W?��#��ie�)-k�K��[f��Tn��b�p��,�A�T3��:��i��-��/��U��O�w��E�m�b�2WnM��C��6!�F5�� L�i��W�O��p�8��t��W�Lx��N��I9��k�^�W(��n<��pY]�J��i�}��`7�9�D�C�V��z�.�ĴܹM��v{W9�W ��;j��4�Rh�d%��k^�\��`�2�8r�|ߣr�^j='��o��7!+,�(v�Ij3�~p1�"��V�¾�I��ة?=|g��S��Oju��Ș!l��_.Hsx�eƀ�B\䏬��eh�� 1��ʹ�Bæ�w*׌�҆��3�w4TY[&/��rX��~^a��D�"+yu�J��w%�n8� ��3�e�i��]�� $4`I��߃G�Q��=�^`P]%Q�n�0�-VhC��8,� ��w��;S�)��B��F꞊Xs�e��.��N1/:f�i��q&+af!�� F�ǋѹA��|�a��S�GZ>I��{�@6�YH�Ƈ8e�Ȋ�U�i46�IY�R��q��+دz��y��S��D� �NơRa�U/�`@��%��nƔ�UA��h��վ�]��TI/�[A��q��J��[1/��ՠ��RIJ�CJ�� $��.��Jp�{+�2ٓ��xn��(0��V��MXb�a��8ē�@ 4��|^-Y��i'-x?�|D�0�=�0��R��ϫm�)j�kV��Cȣ�l��ޭc��de �7�dD��K�y��>x�b�ѕ->��ʳqƥ�3��L ��B7��x�p�`��F�A��:ylި��`5Q9]~~L̋��0��rGHmy3�"��.�Y��4�l��L�^ ,^χ�T��R��W7��>�:xuY�� 8<��1E��Y�]��1�/m�3��V��Cb��W ��ن�3��]3�<��ǈ�c�YTQF��3��ַ�a��"��ЕZ��wiJ./��5ԅlA��~�� ]��ӽ8,G��@�J��<�o��+j��tS��w��5Nz�>Ip��j� ��EN�p�+N�d��\�{�n��ٙWp��5=�|=D��)��mȑw]Rn �.1+ZD�P��i(! �}��/�l\�Z� +�U��4��;h��Z�3�xȺΓ��N?]��jҢ��H�.w(j��z/��` 2[s��Ñ�d�)1 Mk9F�C�p�8�^��w9͈k��ǛF��p��zr��}x��~��K��~@NgX�Sca^��q,��X��m�2ݣ=܊1b��"a�(we��qX��R�8�v0�Pi��3μʪKQ��5�;&\.t�:�'r��I�[�tS�K�*��wZ��HɻH;��֫��L�c�B��IH�QA�m

Sections

.text
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdg0
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jdg1
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ea38c05d16f2ba60fdc20a0bbb8b1cd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

shlwapi

ws2_32

wldap32

advapi32

ole32

oleaut32

comctl32

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: - Virtual size: 1.6MB

.rdata Size: - Virtual size: 292KB

.data Size: - Virtual size: 26KB

.tls Size: 512B - Virtual size: 17B

.jdg0 Size: - Virtual size: 3.2MB

.jdg1 Size: 4.2MB - Virtual size: 4.2MB

.reloc Size: 512B - Virtual size: 476B

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: - Virtual size: 1.6MB

.rdata
Size: - Virtual size: 292KB

.data
Size: - Virtual size: 26KB

.tls
Size: 512B - Virtual size: 17B

.jdg0
Size: - Virtual size: 3.2MB

.jdg1
Size: 4.2MB - Virtual size: 4.2MB

.reloc
Size: 512B - Virtual size: 476B

.rsrc
Size: 6KB - Virtual size: 5KB