df81d2c3c472552a1d731dd4af5ed6d818e088125301291903ff06b98dee209c

Sharing

Copy URL Twitter E-mail

General

Target

df81d2c3c472552a1d731dd4af5ed6d818e088125301291903ff06b98dee209c
Size

8.9MB
MD5

3b8dc1cf863b1d243b0d9340cbee7a06
SHA1

772fbb482a89252d779a6724875259a188298c41
SHA256

df81d2c3c472552a1d731dd4af5ed6d818e088125301291903ff06b98dee209c
SHA512

4303f2e73f16ca9c420a5524b825fd380d541fc1f8798903dada79c62b83c1690832a2d6bed319581c6be8279f4bec33b34fc0f076aff8e795aef90654f22b68
SSDEEP

196608:4fqs234wIFu9jJKC4Pc5CTSW4YExZWPZm6r04RdP5:a234e9B8cBlYExZWxl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df81d2c3c472552a1d731dd4af5ed6d818e088125301291903ff06b98dee209c

Files

df81d2c3c472552a1d731dd4af5ed6d818e088125301291903ff06b98dee209c
.dll windows:5 windows x86 arch:x86

5f4921bad904cc432d747e0249dcf0cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveOutUnprepareHeader

ws2_32

inet_ntoa

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetSysColorBrush
CharUpperBuffW

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

OleInitialize

oleaut32

SafeArrayUnaccessData

comctl32

ImageList_Destroy

comdlg32

GetOpenFileNameA

Exports

Exports

InsertSvc
ServiceMain
UninstallSvc
ָ�뵽��

Sections

.text
Size: - Virtual size: 685KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.W]E
Size: - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sVK
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Vw&
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f4921bad904cc432d747e0249dcf0cc

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Exports

Exports

Sections

.text Size: - Virtual size: 685KB

.rdata Size: - Virtual size: 87KB

.data Size: - Virtual size: 297KB

.W]E Size: - Virtual size: 5.7MB

.sVK Size: 4KB - Virtual size: 2KB

.Vw& Size: 8.9MB - Virtual size: 8.9MB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: - Virtual size: 685KB

.rdata
Size: - Virtual size: 87KB

.data
Size: - Virtual size: 297KB

.W]E
Size: - Virtual size: 5.7MB

.sVK
Size: 4KB - Virtual size: 2KB

.Vw&
Size: 8.9MB - Virtual size: 8.9MB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 5KB