b06f0285dce8eb8b9a27fbce5ca230d9126bee3152a6b61fe99ecab90686f097

Sharing

Copy URL

Twitter E-mail

General

Target

b06f0285dce8eb8b9a27fbce5ca230d9126bee3152a6b61fe99ecab90686f097
Size

13.9MB
MD5

0d3ca64209683779cbc802e01c50171a
SHA1

4399c9d5ee1a61942bea9d9248e24ab7cfcb1269
SHA256

b06f0285dce8eb8b9a27fbce5ca230d9126bee3152a6b61fe99ecab90686f097
SHA512

d413e75688ba43954176a01e66d1f9e7b23b1f86e24ac6c19736f1bceef60eed9abe3b0d7d6f8676e2dc26dc3c790f434b0a5bea259efe79734246f586f8448c
SSDEEP

196608:v6IaEUEatnTQr4/wkhqoEukMYZEHdHBbYbKlO8SgbTw71cjEI/8:vvfUEETQawkhqo02kKlKWTw+jL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b06f0285dce8eb8b9a27fbce5ca230d9126bee3152a6b61fe99ecab90686f097

Files

b06f0285dce8eb8b9a27fbce5ca230d9126bee3152a6b61fe99ecab90686f097
.exe windows:5 windows x86 arch:x86

3e5752a597da3f8b558fb0a94806e316

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

VariantInit

advapi32

RegSetValueExA

user32

CreateMenu

kernel32

GetVersion
GetVersionExA
CreateFileA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

GetEnhMetaFilePaletteEntries

version

VerQueryValueA

mpr

WNetGetConnectionA

ole32

CreateStreamOnHGlobal

comctl32

ImageList_DrawEx

urlmon

CoInternetCreateZoneManager

wininet

InternetOpenA

shell32

SHChangeNotify

comdlg32

GetOpenFileNameA

wsock32

ioctlsocket

gdiplus

GdipAlloc

Sections

_^G!=Ay?
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

HE4JDU?r
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

8M-Rap5-
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

`\K?-_(b
Size: - Virtual size: 30.0MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_1u Y"2%
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8#ysn+J`
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

c-o+0x2u
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 14.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 13.9MB - Virtual size: 13.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Yh!/C$gN
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

1TjcKl.!
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e5752a597da3f8b558fb0a94806e316

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

mpr

ole32

comctl32

urlmon

wininet

shell32

comdlg32

wsock32

gdiplus

Sections

_^G!=Ay? Size: - Virtual size: 1.4MB

HE4JDU?r Size: - Virtual size: 6KB

8M-Rap5- Size: - Virtual size: 85KB

`\K?-_(b Size: - Virtual size: 30.0MB

_1u Y"2% Size: - Virtual size: 15KB

8#ysn+J` Size: - Virtual size: 60B

c-o+0x2u Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 14.1MB

.vmp1 Size: 13.9MB - Virtual size: 13.9MB

Yh!/C$gN Size: 512B - Virtual size: 120B

1TjcKl.! Size: 9KB - Virtual size: 9KB

_^G!=Ay?
Size: - Virtual size: 1.4MB

HE4JDU?r
Size: - Virtual size: 6KB

8M-Rap5-
Size: - Virtual size: 85KB

`\K?-_(b
Size: - Virtual size: 30.0MB

_1u Y"2%
Size: - Virtual size: 15KB

8#ysn+J`
Size: - Virtual size: 60B

c-o+0x2u
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 14.1MB

.vmp1
Size: 13.9MB - Virtual size: 13.9MB

Yh!/C$gN
Size: 512B - Virtual size: 120B

1TjcKl.!
Size: 9KB - Virtual size: 9KB