81da7cd79c5f61e194dcf335ecb30521335d37e87d1aa5416d630ea6c8a81358

Sharing

Copy URL Twitter E-mail

General

Target

81da7cd79c5f61e194dcf335ecb30521335d37e87d1aa5416d630ea6c8a81358
Size

13.7MB
MD5

c92935d719bb5c76794e1955ab79a2a4
SHA1

cb09518fdd414e700f3488340a879652dc139c7a
SHA256

81da7cd79c5f61e194dcf335ecb30521335d37e87d1aa5416d630ea6c8a81358
SHA512

b6158948ad9c8acda481ca4e6e62ccad30b417c4399cecc06bae042daf0bbf42c36a57d12db8afefb4e8b0a25b28a32cda16ac50ab94487f3dbbc8c3fd59bac0
SSDEEP

393216:qk3h3heHG+UaeyOjGp5x+qOOCUf41DKeOz:qk3hsm2emTx+FOnfVz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81da7cd79c5f61e194dcf335ecb30521335d37e87d1aa5416d630ea6c8a81358

Files

81da7cd79c5f61e194dcf335ecb30521335d37e87d1aa5416d630ea6c8a81358
.exe windows:5 windows x86 arch:x86

2f31f90eb4caccac4751902529460b73

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

VariantChangeType

advapi32

RegFlushKey

user32

IntersectRect

kernel32

GetVersion
GetVersionExA
GetFileAttributesA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

SetPixel

version

VerQueryValueA

mpr

WNetGetConnectionA

ole32

ProgIDFromCLSID

comctl32

ImageList_SetIconSize

urlmon

CoInternetCreateSecurityManager

wininet

InternetConnectA

shell32

ShellExecuteA

comdlg32

GetOpenFileNameA

wsock32

select

gdiplus

GdipGetImageWidth

Sections

&w3?t]Iw
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

t(Fc0V2n
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

y?"+']y;
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

!+_lm1s\
Size: - Virtual size: 30.0MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

j:`t'F&J
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yp1+IA<X
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cBTd6c[Y
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 13.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 13.7MB - Virtual size: 13.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hC<_UUU'
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

*`-1\G/t
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f31f90eb4caccac4751902529460b73

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

version

mpr

ole32

comctl32

urlmon

wininet

shell32

comdlg32

wsock32

gdiplus

Sections

&w3?t]Iw Size: - Virtual size: 1.4MB

t(Fc0V2n Size: - Virtual size: 6KB

y?"+']y; Size: - Virtual size: 85KB

!+_lm1s\ Size: - Virtual size: 30.0MB

j:`t'F&J Size: - Virtual size: 15KB

yp1+IA<X Size: - Virtual size: 60B

cBTd6c[Y Size: - Virtual size: 24B

.vmp0 Size: - Virtual size: 13.8MB

.vmp1 Size: 13.7MB - Virtual size: 13.7MB

hC<_UUU' Size: 512B - Virtual size: 124B

*`-1\G/t Size: 9KB - Virtual size: 9KB

&w3?t]Iw
Size: - Virtual size: 1.4MB

t(Fc0V2n
Size: - Virtual size: 6KB

y?"+']y;
Size: - Virtual size: 85KB

!+_lm1s\
Size: - Virtual size: 30.0MB

j:`t'F&J
Size: - Virtual size: 15KB

yp1+IA<X
Size: - Virtual size: 60B

cBTd6c[Y
Size: - Virtual size: 24B

.vmp0
Size: - Virtual size: 13.8MB

.vmp1
Size: 13.7MB - Virtual size: 13.7MB

hC<_UUU'
Size: 512B - Virtual size: 124B

*`-1\G/t
Size: 9KB - Virtual size: 9KB