cb5631b3c8825fc7ace644ad8a7cbd2ab69454335e245dd4aa0f6eaf073b77b4

Sharing

Copy URL Twitter E-mail

General

Target

cb5631b3c8825fc7ace644ad8a7cbd2ab69454335e245dd4aa0f6eaf073b77b4
Size

8.1MB
MD5

acf0805c03d772dd2cfc952e6792ce77
SHA1

f83e014624e564fe653decaf89f28ac0c0fd4e40
SHA256

cb5631b3c8825fc7ace644ad8a7cbd2ab69454335e245dd4aa0f6eaf073b77b4
SHA512

f78e23f69172b94986ed4fe7d15ce7d28d65f59b041c8b9a60e68780ae5f1626058024e026830ff7e460c77fadb452aedd0cb5ed5795643e9bbbc9d3614b9103
SSDEEP

196608:SghXwOY0/n6IRNig0oHVYAGG0CdmOHNryikofK:SYw9on6mig0oHVROEmG5f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb5631b3c8825fc7ace644ad8a7cbd2ab69454335e245dd4aa0f6eaf073b77b4

Files

cb5631b3c8825fc7ace644ad8a7cbd2ab69454335e245dd4aa0f6eaf073b77b4
.exe windows:5 windows x86 arch:x86

f70a7a270dbe89bb944aa6ad0c158d7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

ScreenToClient
CharUpperBuffW

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

LoadTypeLi

comctl32

ord17

comdlg32

ChooseColorA

Sections

Size: - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5.9MB - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 556KB - Virtual size: 555KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f70a7a270dbe89bb944aa6ad0c158d7d

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

Size: - Virtual size: 780KB

Size: - Virtual size: 471KB

Size: - Virtual size: 426KB

Size: - Virtual size: 3.3MB

Size: 4KB - Virtual size: 2KB

Size: 5.9MB - Virtual size: 5.9MB

Size: 8KB - Virtual size: 6KB

Size: 1.7MB - Virtual size: 1.7MB

Size: 4KB - Virtual size: 4KB

Size: 556KB - Virtual size: 555KB

Size: 8KB - Virtual size: 6KB