ff6b76c69e28ce97d300588a41d46661496e98b750a78d7e095e5107eac70111

Sharing

Copy URL Twitter E-mail

General

Target

ff6b76c69e28ce97d300588a41d46661496e98b750a78d7e095e5107eac70111
Size

9.8MB
MD5

fcf7f98882bb1a0287be75be1266c3e8
SHA1

60f5267ca370d615e8271c54b7a88f1a003ae05f
SHA256

ff6b76c69e28ce97d300588a41d46661496e98b750a78d7e095e5107eac70111
SHA512

cefd536483dd1e10ddae2af2b6fef88dcfc8a42afe3e8bb1acb70193805866fade2e58121aa635c72700336ab332af7ebfc03433597115a343fad9486dc7f9b2
SSDEEP

196608:2c0Y747p9BZQ6eX8CZwRWbnGt45MWrlSy5QQhuf:T0Y76BZQ6XCZPnGt4lg2QQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff6b76c69e28ce97d300588a41d46661496e98b750a78d7e095e5107eac70111

Files

ff6b76c69e28ce97d300588a41d46661496e98b750a78d7e095e5107eac70111
.exe windows:5 windows x86 arch:x86

ea72bd5e6ca4a40e0be09111cb359fcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
GetVersionExA
GetVersion
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

PeekMessageA
GetActiveWindow

advapi32

ControlService
RegCloseKey

shlwapi

PathFileExistsA

winmm

midiStreamOut

ws2_32

WSACleanup

gdi32

LineTo

winspool.drv

OpenPrinterA

shell32

SHGetSpecialFolderPathA

ole32

CLSIDFromProgID

oleaut32

UnRegisterTypeLi

comctl32

ord17

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 9.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ctors
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.drectve
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.upx1
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx2
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea72bd5e6ca4a40e0be09111cb359fcc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

winmm

ws2_32

gdi32

winspool.drv

shell32

ole32

oleaut32

comctl32

comdlg32

Sections

.text Size: - Virtual size: 7.1MB

.rdata Size: - Virtual size: 9.3MB

.data Size: - Virtual size: 7.9MB

.ctors Size: - Virtual size: 4B

.drectve Size: - Virtual size: 3KB

.upx0 Size: - Virtual size: 1.7MB

.upx1 Size: 4KB - Virtual size: 3KB

.upx2 Size: 9.6MB - Virtual size: 9.6MB

.rsrc Size: 204KB - Virtual size: 200KB

.text
Size: - Virtual size: 7.1MB

.rdata
Size: - Virtual size: 9.3MB

.data
Size: - Virtual size: 7.9MB

.ctors
Size: - Virtual size: 4B

.drectve
Size: - Virtual size: 3KB

.upx0
Size: - Virtual size: 1.7MB

.upx1
Size: 4KB - Virtual size: 3KB

.upx2
Size: 9.6MB - Virtual size: 9.6MB

.rsrc
Size: 204KB - Virtual size: 200KB