05bb58472ff89048817116f0b22c770647658be5dc764297650e995d34bf2de8

Sharing

Copy URL Twitter E-mail

General

Target

05bb58472ff89048817116f0b22c770647658be5dc764297650e995d34bf2de8
Size

2.6MB
MD5

6d59e75da9e079457cb1c8cb5a77dde6
SHA1

b68ac29538cbeba26053b4eaa2f32ae521549419
SHA256

05bb58472ff89048817116f0b22c770647658be5dc764297650e995d34bf2de8
SHA512

c3f65c78b1919437f8174df11080b7469d7639f6f00da8eec0081b82ee98aedae722496f2ba425693ebb0fd2d37dbed3bf7983c7bfe6fed818a4ebaf55394d39
SSDEEP

49152:htAotplrXnvpob4xrJ1+ztV88ptZyRS+xX62WxsIBYZUXKU4F:hblrXvA4lD+5fZKbX62vIBpKUY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05bb58472ff89048817116f0b22c770647658be5dc764297650e995d34bf2de8

Files

05bb58472ff89048817116f0b22c770647658be5dc764297650e995d34bf2de8
.dll windows:4 windows x86 arch:x86

e6f80df7c2b6cfc4a13919e3965dbed3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

midiStreamRestart

ws2_32

inet_ntoa

kernel32

TerminateProcess

user32

PostThreadMessageA

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

Shell_NotifyIconA

ole32

CoGetClassObject

oleaut32

SafeArrayUnaccessData

comctl32

ImageList_Destroy

oledlg

ord8

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

CheckHpsocket1
executeDevice
loadKeyDevice
loadMouseDevice

Sections

.text
Size: 1.4MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6f80df7c2b6cfc4a13919e3965dbed3

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

comdlg32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 3.3MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.4MB - Virtual size: 3.3MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB