11da09bed6915356ac9033508e169f087744979967623c5a4ea5f92e285112f1

Sharing

Copy URL

Twitter E-mail

General

Target

11da09bed6915356ac9033508e169f087744979967623c5a4ea5f92e285112f1
Size

13.5MB
MD5

11c7bcb0220f36fbb518136aaa7f06dc
SHA1

a1739ea7dba4ab19987180e8c45e0835dfc42c1c
SHA256

11da09bed6915356ac9033508e169f087744979967623c5a4ea5f92e285112f1
SHA512

6e73f63a1e783100616af51c9928e577e438115d988155b4e1dd04637e1c41068c42c3d26ca2fad4a0e8436591f140999c87f675d38ed84ff29079ae9cacbe27
SSDEEP

393216:mTD8eowyodn3Qv4KB2tTSdqJkXfgsvPyt:mTDF6o6v442tTCxvqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11da09bed6915356ac9033508e169f087744979967623c5a4ea5f92e285112f1

Files

11da09bed6915356ac9033508e169f087744979967623c5a4ea5f92e285112f1
.exe windows:5 windows x86 arch:x86

c1c1959a415ec8a836d7987da92a3fe9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

waveOutUnprepareHeader

ws2_32

WSACleanup

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetActiveWindow

gdi32

GetViewportExtEx

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ord17

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

se0
Size: - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

se1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

se2
Size: 13.4MB - Virtual size: 13.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1c1959a415ec8a836d7987da92a3fe9

Headers

File Characteristics

Imports

iphlpapi

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 2.7MB

.data Size: - Virtual size: 234KB

se0 Size: - Virtual size: 6.7MB

se1 Size: 4KB - Virtual size: 2KB

se2 Size: 13.4MB - Virtual size: 13.4MB

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 2.7MB

.data
Size: - Virtual size: 234KB

se0
Size: - Virtual size: 6.7MB

se1
Size: 4KB - Virtual size: 2KB

se2
Size: 13.4MB - Virtual size: 13.4MB

.rsrc
Size: 8KB - Virtual size: 6KB