da68101535af39130e2ca44e46868dd4c7ecfa307c05313dfafecbe4332509e4

Sharing

Copy URL

Twitter E-mail

General

Target

da68101535af39130e2ca44e46868dd4c7ecfa307c05313dfafecbe4332509e4
Size

14.7MB
MD5

a81a7dd051c9c6416c23919f2940fe86
SHA1

539c9e8d0a5e4ab5c0576fac012012645a60a76f
SHA256

da68101535af39130e2ca44e46868dd4c7ecfa307c05313dfafecbe4332509e4
SHA512

fc3975cb06775161083f94dde1b80c6218011ed1ee8f009a972c9c81b493a4834ffbca35d95b1ac39d8edf42ebe0ee5cee771869c49f4c0aa5dd88927eb2a6db
SSDEEP

393216:U/wlakmlXZBbpws9uEdhMZPFwrw42Y3AN6QMtV1kZUhzhKP:U/Dkmxvtw/2aRarY4AHMOqhK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da68101535af39130e2ca44e46868dd4c7ecfa307c05313dfafecbe4332509e4

Files

da68101535af39130e2ca44e46868dd4c7ecfa307c05313dfafecbe4332509e4
.exe windows:5 windows x86 arch:x86

7a1e69d465d0e1cdd5419ec6c4ba1d32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamProperty

ws2_32

WSAAsyncSelect

rasapi32

RasGetConnectStatusA

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

IsDialogMessageA
CharUpperBuffW

gdi32

GetObjectA

msimg32

GradientFill

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

SafeArrayDestroy

comctl32

ImageList_Destroy

wininet

InternetCloseHandle

Sections

Fy
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fy
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Fy
Size: - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Fy
Size: - Virtual size: 7.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fy
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Fy
Size: 12.5MB - Virtual size: 12.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Fy
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Fy
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Fy
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fy
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Fy
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7a1e69d465d0e1cdd5419ec6c4ba1d32

Headers

File Characteristics

Imports

winmm

ws2_32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

Sections

Fy Size: - Virtual size: 1.3MB

Fy Size: - Virtual size: 3.7MB

Fy Size: - Virtual size: 477KB

Fy Size: - Virtual size: 7.7MB

Fy Size: 4KB - Virtual size: 2KB

Fy Size: 12.5MB - Virtual size: 12.5MB

Fy Size: 16KB - Virtual size: 12KB

Fy Size: 1.7MB - Virtual size: 1.7MB

Fy Size: 4KB - Virtual size: 4KB

Fy Size: 548KB - Virtual size: 547KB

Fy Size: 16KB - Virtual size: 12KB

Fy
Size: - Virtual size: 1.3MB

Fy
Size: - Virtual size: 3.7MB

Fy
Size: - Virtual size: 477KB

Fy
Size: - Virtual size: 7.7MB

Fy
Size: 4KB - Virtual size: 2KB

Fy
Size: 12.5MB - Virtual size: 12.5MB

Fy
Size: 16KB - Virtual size: 12KB

Fy
Size: 1.7MB - Virtual size: 1.7MB

Fy
Size: 4KB - Virtual size: 4KB

Fy
Size: 548KB - Virtual size: 547KB

Fy
Size: 16KB - Virtual size: 12KB