ec10cf39c1db9a593de637105171dca999646906c06ddcd2a0bb3cea3175531c

Sharing

Copy URL Twitter E-mail

General

Target

ec10cf39c1db9a593de637105171dca999646906c06ddcd2a0bb3cea3175531c
Size

3.6MB
MD5

293697babf334db6aacc0b6dc0c6d8b7
SHA1

95b4ca8e37bf0e067b9a17a58b0a38ada249a0e7
SHA256

ec10cf39c1db9a593de637105171dca999646906c06ddcd2a0bb3cea3175531c
SHA512

9e51530b47dc19f6a91a1cbfaa57be981644378eb116682a184d069ca3085af8e062101319a5ea226aa56f899ee47be73bfbf731b556c5feaa39848d033f8242
SSDEEP

49152:SddCtqwI5mGg0znmBvx75wGFmqpeJimmfx4S6ynd1SbkG4n7/4ts6OPgQrOryJJ9:2Cx0lLK75TmmfF117/S8geOGJJwJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec10cf39c1db9a593de637105171dca999646906c06ddcd2a0bb3cea3175531c

Files

ec10cf39c1db9a593de637105171dca999646906c06ddcd2a0bb3cea3175531c
.dll windows:4 windows x86 arch:x86

0a406f72f1d13e982883f0ca6d9eadc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutGetNumDevs

ws2_32

connect

kernel32

GlobalUnlock

user32

ScrollWindowEx

gdi32

SetROP2

winspool.drv

ClosePrinter

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantClear

comctl32

ImageList_Destroy

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 930KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 590KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0a406f72f1d13e982883f0ca6d9eadc3

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 930KB

.rdata Size: - Virtual size: 3.1MB

.data Size: - Virtual size: 326KB

.vdata Size: - Virtual size: 24KB

.text Size: - Virtual size: 590KB

.data Size: - Virtual size: 1.1MB

.text Size: 3.5MB - Virtual size: 3.5MB

.data Size: 4KB - Virtual size: 720B

.reloc Size: 4KB - Virtual size: 844B

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: - Virtual size: 930KB

.rdata
Size: - Virtual size: 3.1MB

.data
Size: - Virtual size: 326KB

.vdata
Size: - Virtual size: 24KB

.text
Size: - Virtual size: 590KB

.data
Size: - Virtual size: 1.1MB

.text
Size: 3.5MB - Virtual size: 3.5MB

.data
Size: 4KB - Virtual size: 720B

.reloc
Size: 4KB - Virtual size: 844B

.rsrc
Size: 24KB - Virtual size: 22KB