610fb533d91d678a60f88d5cdeaec2081f42747c3ca3df2fbe84001ed1ef9c7e

Sharing

Copy URL Twitter E-mail

General

Target

610fb533d91d678a60f88d5cdeaec2081f42747c3ca3df2fbe84001ed1ef9c7e
Size

1.5MB
MD5

100a970a94ba101184d8598db09a1ce6
SHA1

029ab60e105af6fc8a37dc961f6edc023875d2e3
SHA256

610fb533d91d678a60f88d5cdeaec2081f42747c3ca3df2fbe84001ed1ef9c7e
SHA512

f5209395e5b7cdbc9432b075ae324494cea9fa59669d4d3d5830655b96fd1e300b106dab754d5aef57a0910fbf1a3a3df7fcf78a956090a245795b3a3d240e0a
SSDEEP

24576:e0Gfh8HATa91VcZxGUsdyYDfHxs9gIEG4R5i0N68VAoHqISmX3otOHwQX:JK8HpxgYDp62G+5LNBqISoYtqf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
610fb533d91d678a60f88d5cdeaec2081f42747c3ca3df2fbe84001ed1ef9c7e

Files

610fb533d91d678a60f88d5cdeaec2081f42747c3ca3df2fbe84001ed1ef9c7e
.exe windows:4 windows x86 arch:x86

a689d50c1f71730fc5712d456f048302

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges

kernel32

CloseHandle

version

GetFileVersionInfoSizeW

winspool.drv

ClosePrinter

comctl32

FlatSB_GetScrollInfo

gdi32

AbortDoc

msimg32

AlphaBlend

user32

ActivateKeyboardLayout

ole32

CoInitialize

oleaut32

GetErrorInfo

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

shell32

SHGetFolderPathW

Exports

Exports

@@Unit1@Finalize
@@Unit1@Initialize
__GetExceptDLLinfo
___CPPdebugHook
_frmpoker

Sections

.text
Size: 437KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a689d50c1f71730fc5712d456f048302

Headers

File Characteristics

Imports

advapi32

kernel32

version

winspool.drv

comctl32

gdi32

msimg32

user32

ole32

oleaut32

msvcrt

iphlpapi

psapi

shell32

Exports

Exports

Sections

.text Size: 437KB - Virtual size: 1.0MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 437KB - Virtual size: 1.0MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB