de4c9951b9d658d0e29ec2810eb30c58eac9fdaf38ea0a3337b5c3db381f7f29

Sharing

Copy URL Twitter E-mail

General

Target

de4c9951b9d658d0e29ec2810eb30c58eac9fdaf38ea0a3337b5c3db381f7f29
Size

9.1MB
MD5

5defb3ddfe808403604a96236df1845a
SHA1

1811450d257f8ba5b3711543d829f75497de2160
SHA256

de4c9951b9d658d0e29ec2810eb30c58eac9fdaf38ea0a3337b5c3db381f7f29
SHA512

85c11cef84447cdbfd02c44369fb46330cd0c0412f30be8c1acabfd122fb6380f3405fcc86be6fb0e4b660e303acfc67b1af29ee9db0a8de76a60d3b9ff9acb4
SSDEEP

196608:qQBYay7k7L1n5aOFgQwaN14++3XAQrb71AMe17H72VBkxwE:qS3y7k755BFg+cAu1AMoiVCwE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de4c9951b9d658d0e29ec2810eb30c58eac9fdaf38ea0a3337b5c3db381f7f29

Files

de4c9951b9d658d0e29ec2810eb30c58eac9fdaf38ea0a3337b5c3db381f7f29
.exe windows:4 windows x86 arch:x86

06b75f733a000a159ac693de46e28e5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamStop

ws2_32

htons

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

rasapi32

RasGetConnectStatusA

kernel32

InterlockedDecrement

user32

GetSysColorBrush

gdi32

GetPolyFillMode

msimg32

GradientFill

winspool.drv

OpenPrinterA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromProgID

oleaut32

SafeArrayGetElement

comctl32

ImageList_Duplicate

wsock32

shutdown

wininet

InternetCloseHandle

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 7.6MB - Virtual size: 11.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06b75f733a000a159ac693de46e28e5a

Headers

File Characteristics

Imports

winmm

ws2_32

msvfw32

avifil32

rasapi32

kernel32

user32

gdi32

msimg32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wsock32

wininet

msvcrt

iphlpapi

psapi

Sections

.text Size: 7.6MB - Virtual size: 11.9MB

.sedata Size: 1.5MB - Virtual size: 1.5MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 7.6MB - Virtual size: 11.9MB

.sedata
Size: 1.5MB - Virtual size: 1.5MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.sedata
Size: 4KB - Virtual size: 4KB