a8b4185fb3745fbea25d1f4dd14138dc138cc3f46d764e4f718a43660d39c851

Sharing

Copy URL

Twitter E-mail

General

Target

a8b4185fb3745fbea25d1f4dd14138dc138cc3f46d764e4f718a43660d39c851
Size

6.8MB
MD5

f293295c8bb7ac339b0aa09dea3bc42d
SHA1

21c06abb4d979a86299dce68155627adc67a9c4d
SHA256

a8b4185fb3745fbea25d1f4dd14138dc138cc3f46d764e4f718a43660d39c851
SHA512

65f57fd66e5577196b8268d4ab79fbb2d25c1a746003db3cd9d42f141b9d35f950d2c14f05fdb5095ed68fcc2d7b174b34b5dff9d91e2caea74190c96535a1bf
SSDEEP

196608:ihTGsAK4h2RW7un6tSg/tdxlf6Dhf9azcZCnEMx:ihTGCMunRgefed

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8b4185fb3745fbea25d1f4dd14138dc138cc3f46d764e4f718a43660d39c851

Files

a8b4185fb3745fbea25d1f4dd14138dc138cc3f46d764e4f718a43660d39c851
.exe windows:5 windows x86 arch:x86

24998a10a8e88e1c8f5827c565716c52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetConnectStatusA

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetPropA

gdi32

GetViewportExtEx

winmm

waveOutUnprepareHeader

winspool.drv

OpenPrinterA

advapi32

RegSetValueExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

closesocket

wininet

InternetCanonicalizeUrlA

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 606KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

._jn
Size: - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

."[I
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.<gK
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24998a10a8e88e1c8f5827c565716c52

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wininet

comdlg32

Sections

.text Size: - Virtual size: 712KB

.rdata Size: - Virtual size: 606KB

.data Size: - Virtual size: 352KB

._jn Size: - Virtual size: 3.7MB

."[I Size: 4KB - Virtual size: 2KB

.<gK Size: 6.7MB - Virtual size: 6.7MB

.rsrc Size: 72KB - Virtual size: 68KB

.text
Size: - Virtual size: 712KB

.rdata
Size: - Virtual size: 606KB

.data
Size: - Virtual size: 352KB

._jn
Size: - Virtual size: 3.7MB

."[I
Size: 4KB - Virtual size: 2KB

.<gK
Size: 6.7MB - Virtual size: 6.7MB

.rsrc
Size: 72KB - Virtual size: 68KB