9fce5fe3e33622b83fa110a920aa8652c068ea234663ea2548290c63759d9099

Sharing

Copy URL Twitter E-mail

General

Target

9fce5fe3e33622b83fa110a920aa8652c068ea234663ea2548290c63759d9099
Size

5.1MB
MD5

945c0d67537383dab30cc36018b55fa0
SHA1

04174a83abf556dac6b46c62eb7c76074e83c668
SHA256

9fce5fe3e33622b83fa110a920aa8652c068ea234663ea2548290c63759d9099
SHA512

531459d9c9a1c27e721fe3c99d63220f4db456b6d8e9044ddcca03d89de5427bacfc51ebd50943d96299f726002b41ee350d7276a9e50272a0d875c5a7512cc3
SSDEEP

98304:HEhEtDzENLQFilhhrcZum4YoDmPFkLJpVkWQTC5BB8jrTNMBDBwQuOJvCYfXixw:HEmtDYCFivNcZEYacFIJpomaxIKQ3VSS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9fce5fe3e33622b83fa110a920aa8652c068ea234663ea2548290c63759d9099

Files

9fce5fe3e33622b83fa110a920aa8652c068ea234663ea2548290c63759d9099
.exe windows:4 windows x86 arch:x86

3a5d3f522e29d1e5add8c44d93b89d94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

aquarius2

?GetValue@ProxyCookie@@QAEPADXZ

winmm

midiStreamRestart

ws2_32

socket

kernel32

lstrcmpiA

user32

GetSystemMenu

gdi32

ExcludeClipRect

msimg32

GradientFill

winspool.drv

ClosePrinter

comdlg32

ChooseColorA

advapi32

RegOpenKeyExA

shell32

DragQueryFileA

ole32

CoGetClassObject

oleaut32

SysAllocStringByteLen

comctl32

ImageList_Draw

oledlg

ord8

wldap32

ord29

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 3.9MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a5d3f522e29d1e5add8c44d93b89d94

Headers

File Characteristics

Imports

aquarius2

winmm

ws2_32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

wldap32

msvcrt

iphlpapi

psapi

Sections

.text Size: 3.9MB - Virtual size: 5.6MB

.sedata Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 3.9MB - Virtual size: 5.6MB

.sedata
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB