e8e73a14e24767e209967ce09c22bec0152283e826815195161411e710766a84

Sharing

Copy URL Twitter E-mail

General

Target

e8e73a14e24767e209967ce09c22bec0152283e826815195161411e710766a84
Size

7.6MB
MD5

52d6d09a0c1ea692dc92b39e5c29d5dd
SHA1

da03044dc751b85e4dd754b7e37f05678d35721a
SHA256

e8e73a14e24767e209967ce09c22bec0152283e826815195161411e710766a84
SHA512

16ffe4e17dae5f76052ffcb19c3a7a6db28227649275b8ad48260e4b5f13d9dd357b847a7fd3e9a84ebced9129d46adabc6f334a97c2816dd1c03bcb894fc9db
SSDEEP

196608:v79D8EQye49MmkluqQk3fetOtoVWYhN+:j9NQB49GczAetO4WGN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8e73a14e24767e209967ce09c22bec0152283e826815195161411e710766a84

Files

e8e73a14e24767e209967ce09c22bec0152283e826815195161411e710766a84
.dll windows:5 windows x86 arch:x86

a77ab70c53e97c63c445ec8d4eadf46c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutRestart

ws2_32

select

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetForegroundWindow
CharUpperBuffW

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

SafeArrayGetDim

comctl32

ImageList_Destroy

comdlg32

GetFileTitleA

Exports

Exports

jiekou
vSetDdrawflag
��ֹ�ظ��

Sections

.text
Size: - Virtual size: 754KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ot^
Size: - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.2iN
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.q-n
Size: 7.6MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a77ab70c53e97c63c445ec8d4eadf46c

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 754KB

.rdata Size: - Virtual size: 219KB

.data Size: - Virtual size: 329KB

.Ot^ Size: - Virtual size: 4.4MB

.2iN Size: 4KB - Virtual size: 2KB

.q-n Size: 7.6MB - Virtual size: 7.6MB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 754KB

.rdata
Size: - Virtual size: 219KB

.data
Size: - Virtual size: 329KB

.Ot^
Size: - Virtual size: 4.4MB

.2iN
Size: 4KB - Virtual size: 2KB

.q-n
Size: 7.6MB - Virtual size: 7.6MB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 5KB