fee9d6f11515e268fb497245bab3a1e5a23fc25913457ddfdf2c26e871172ba5

Sharing

Copy URL Twitter E-mail

General

Target

fee9d6f11515e268fb497245bab3a1e5a23fc25913457ddfdf2c26e871172ba5
Size

15.7MB
MD5

09f5cf17a45b75a0adb5b4165d542a6a
SHA1

25e8dcb28b3aa28dce7ce31ac45e3b4dfe0f2a45
SHA256

fee9d6f11515e268fb497245bab3a1e5a23fc25913457ddfdf2c26e871172ba5
SHA512

d1411e76795932dddfc36166f8ee294d998f5d1607d3ad4516a73d9ca2ee0ef0a1eefc38f2bb24096d31cd978fa1dcbb1ba7a8cb8982e646037a47f403a58fe6
SSDEEP

393216:nRxcIEnoKztl3Klnhq9dvZ20x6RA4EGQc6N315h:HcIEnDFKRE95Z7GhEGTY1b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fee9d6f11515e268fb497245bab3a1e5a23fc25913457ddfdf2c26e871172ba5

Files

fee9d6f11515e268fb497245bab3a1e5a23fc25913457ddfdf2c26e871172ba5
.exe windows:5 windows x86 arch:x86

7160acef379befc446b4629c22d85e6a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvfw32

DrawDibDraw

avifil32

AVIStreamGetFrame

winmm

midiStreamOut

ws2_32

ntohl

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetSysColorBrush

gdi32

CreateRectRgn

winspool.drv

OpenPrinterA

comdlg32

ChooseColorA

advapi32

RegCreateKeyExA

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromProgID

oleaut32

VariantChangeType

comctl32

_TrackMouseEvent

Sections

.text
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 555KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qvmp0
Size: - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qvmp1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qvmp2
Size: 15.7MB - Virtual size: 15.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7160acef379befc446b4629c22d85e6a

Headers

File Characteristics

Imports

msvfw32

avifil32

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: - Virtual size: 2.5MB

.rdata Size: - Virtual size: 5.5MB

.data Size: - Virtual size: 555KB

.qvmp0 Size: - Virtual size: 7.2MB

.qvmp1 Size: 4KB - Virtual size: 2KB

.qvmp2 Size: 15.7MB - Virtual size: 15.7MB

.rsrc Size: 12KB - Virtual size: 29KB

.text
Size: - Virtual size: 2.5MB

.rdata
Size: - Virtual size: 5.5MB

.data
Size: - Virtual size: 555KB

.qvmp0
Size: - Virtual size: 7.2MB

.qvmp1
Size: 4KB - Virtual size: 2KB

.qvmp2
Size: 15.7MB - Virtual size: 15.7MB

.rsrc
Size: 12KB - Virtual size: 29KB