c36af194a6a1f4b45ac3bf5900026a1dee73e0240c1dd3e8d7c129ffe5ad7a58

Sharing

Copy URL Twitter E-mail

General

Target

c36af194a6a1f4b45ac3bf5900026a1dee73e0240c1dd3e8d7c129ffe5ad7a58
Size

3.5MB
MD5

0f9ab095af54def43bca5547d87508d2
SHA1

daf8b0325cb27fdd37073d0caeb86721c82bc7fc
SHA256

c36af194a6a1f4b45ac3bf5900026a1dee73e0240c1dd3e8d7c129ffe5ad7a58
SHA512

fedaff8eeb5ec7e0189a77f02b0e64a38ce93df7563c851623d49c4b36bdd6191fd1cef43ba3e9d26d9ebc74512c6fdad3122c2b4275e3b85b0e38707d21ae58
SSDEEP

98304:yddArDX9bxTrlB0bB6LeGnPU20Jrn6YfEZqrnz:+dArDX9bxNB0unPYJr6Yfrrz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c36af194a6a1f4b45ac3bf5900026a1dee73e0240c1dd3e8d7c129ffe5ad7a58

Files

c36af194a6a1f4b45ac3bf5900026a1dee73e0240c1dd3e8d7c129ffe5ad7a58
.dll windows:4 windows x86 arch:x86

0a406f72f1d13e982883f0ca6d9eadc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutGetNumDevs

ws2_32

connect

kernel32

GlobalUnlock

user32

ScrollWindowEx

gdi32

SetROP2

winspool.drv

ClosePrinter

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantClear

comctl32

ImageList_Destroy

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 946KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 504KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a406f72f1d13e982883f0ca6d9eadc3

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 946KB

.rdata Size: - Virtual size: 3.1MB

.data Size: - Virtual size: 326KB

.vdata Size: - Virtual size: 24KB

.text Size: - Virtual size: 504KB

.data Size: - Virtual size: 1.1MB

.text Size: 3.5MB - Virtual size: 3.5MB

.data Size: 4KB - Virtual size: 720B

.reloc Size: 4KB - Virtual size: 860B

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: - Virtual size: 946KB

.rdata
Size: - Virtual size: 3.1MB

.data
Size: - Virtual size: 326KB

.vdata
Size: - Virtual size: 24KB

.text
Size: - Virtual size: 504KB

.data
Size: - Virtual size: 1.1MB

.text
Size: 3.5MB - Virtual size: 3.5MB

.data
Size: 4KB - Virtual size: 720B

.reloc
Size: 4KB - Virtual size: 860B

.rsrc
Size: 24KB - Virtual size: 22KB