013dcf8c234d86df70b332476828f3656dc7ad39dbbde784578aaafdd31eae09

Sharing

Copy URL Twitter E-mail

General

Target

013dcf8c234d86df70b332476828f3656dc7ad39dbbde784578aaafdd31eae09
Size

13.1MB
MD5

28d144f403f1e832aaf5df6372b75c25
SHA1

df66799d3d7ba008a3a77985d4fa18c789469f09
SHA256

013dcf8c234d86df70b332476828f3656dc7ad39dbbde784578aaafdd31eae09
SHA512

5d42403ea977e34e4fbf42d8f08b2ad5ccd0f8498adc17811f0888f5587f394c8e1e3ce2c86eccc781d97690f1a6df14ef456da3575c2e8bc63af3ec513729e5
SSDEEP

196608:W1qnGBudBzdaeu9n2A7CyjXZf7UKhCFLg7N1qc3jOjC2hAXB4T/eJQ/DMUH3GdvK:W4YudRdZOkyLaKQG1uAR+mwDMgn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
013dcf8c234d86df70b332476828f3656dc7ad39dbbde784578aaafdd31eae09

Files

013dcf8c234d86df70b332476828f3656dc7ad39dbbde784578aaafdd31eae09
.exe windows:5 windows x86 arch:x86

c19a458fe8277fb8c213f43c4d3df0f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

winmm

midiOutReset

ws2_32

ntohl

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetMenuItemBitmaps

gdi32

CreateSolidBrush

winspool.drv

OpenPrinterA

comdlg32

GetSaveFileNameW

advapi32

RegCreateKeyExA

shell32

DragQueryFileA

ole32

ReleaseStgMedium

oleaut32

VariantCopy

comctl32

ImageList_SetBkColor

wldap32

ord29

Sections

.text
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 557KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BAX
Size: - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Gka
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ebo
Size: 13.0MB - Virtual size: 13.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c19a458fe8277fb8c213f43c4d3df0f2

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wldap32

Sections

.text Size: - Virtual size: 1.5MB

.rdata Size: - Virtual size: 1.7MB

.data Size: - Virtual size: 557KB

.BAX Size: - Virtual size: 8.5MB

.Gka Size: 4KB - Virtual size: 2KB

.Ebo Size: 13.0MB - Virtual size: 13.0MB

.rsrc Size: 68KB - Virtual size: 67KB

.text
Size: - Virtual size: 1.5MB

.rdata
Size: - Virtual size: 1.7MB

.data
Size: - Virtual size: 557KB

.BAX
Size: - Virtual size: 8.5MB

.Gka
Size: 4KB - Virtual size: 2KB

.Ebo
Size: 13.0MB - Virtual size: 13.0MB

.rsrc
Size: 68KB - Virtual size: 67KB