8c77ea2855efc6d150e0cf6eec6e5780fb0137362a59b5148ebfde17965df93a

Sharing

Copy URL Twitter E-mail

General

Target

8c77ea2855efc6d150e0cf6eec6e5780fb0137362a59b5148ebfde17965df93a
Size

10.4MB
MD5

8b2ee2f1c86996a806308908c4e596b9
SHA1

517e245ae5d14e26e3ccb515ed24581e82d50054
SHA256

8c77ea2855efc6d150e0cf6eec6e5780fb0137362a59b5148ebfde17965df93a
SHA512

45e8bea1b3dffb847524053356713275d62d71f0b93b5dd9c5fce25e67cb72d30bf72198d0ab863017c1202893b51f8ffbce1374c05009855ef3d306afa81b4a
SSDEEP

196608:4y252YezvD638YI39I8xvuO/ubAWP5E5ekck76ZQ2tI4R8ibCtplaYgvT4BiRf:jfLYutv/+70e7I4SebLvkiRf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c77ea2855efc6d150e0cf6eec6e5780fb0137362a59b5148ebfde17965df93a

Files

8c77ea2855efc6d150e0cf6eec6e5780fb0137362a59b5148ebfde17965df93a
.exe windows:5 windows x86 arch:x86

6c9d1cd696f10e16399434f43b4a66d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

PeekMessageA
CharUpperBuffW

gdi32

LineTo

winspool.drv

OpenPrinterA

advapi32

RegQueryValueExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

SafeArrayCreate

comctl32

ImageList_Add

wininet

InternetCloseHandle

comdlg32

ChooseColorA

Sections

T-VMP
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

T-VMP
Size: - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

T-VMP
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

T-VMP
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 548KB - Virtual size: 547KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T-VMP
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c9d1cd696f10e16399434f43b4a66d7

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

Sections

T-VMP Size: - Virtual size: 1.1MB

T-VMP Size: - Virtual size: 6.8MB

T-VMP Size: - Virtual size: 438KB

T-VMP Size: - Virtual size: 3.2MB

T-VMP Size: 4KB - Virtual size: 2KB

T-VMP Size: 8.1MB - Virtual size: 8.1MB

T-VMP Size: 72KB - Virtual size: 69KB

T-VMP Size: 1.7MB - Virtual size: 1.7MB

T-VMP Size: 4KB - Virtual size: 4KB

T-VMP Size: 548KB - Virtual size: 547KB

T-VMP Size: 72KB - Virtual size: 69KB

T-VMP
Size: - Virtual size: 1.1MB

T-VMP
Size: - Virtual size: 6.8MB

T-VMP
Size: - Virtual size: 438KB

T-VMP
Size: - Virtual size: 3.2MB

T-VMP
Size: 4KB - Virtual size: 2KB

T-VMP
Size: 8.1MB - Virtual size: 8.1MB

T-VMP
Size: 72KB - Virtual size: 69KB

T-VMP
Size: 1.7MB - Virtual size: 1.7MB

T-VMP
Size: 4KB - Virtual size: 4KB

T-VMP
Size: 548KB - Virtual size: 547KB

T-VMP
Size: 72KB - Virtual size: 69KB