12e18254505806fb1572fc994aa83ec74231c42c5dee17fddeaa9f204549c14a

Sharing

Copy URL

Twitter E-mail

General

Target

12e18254505806fb1572fc994aa83ec74231c42c5dee17fddeaa9f204549c14a
Size

10.7MB
MD5

a9a8aa7874f2b54f863c4847a4e87c09
SHA1

314046c2025820f7f8404ab49993f0999b331222
SHA256

12e18254505806fb1572fc994aa83ec74231c42c5dee17fddeaa9f204549c14a
SHA512

2ae9734ed18d581fed2a4e409e069f5f7e5d6a6b2047626a0f182754a0d6c13e2753ca8e74cb2559466e8807a8da91f6a2f1b0e021b3466b09431c4c05ffb536
SSDEEP

196608:UyciF5BZNeds6IORYf9alGRWQ67V6IyU9pX9ZOwrEwLUqSsqdAzFOzoiD2G58bo:IiFBN6s6IOaf9OJ1pXyw3Uji1iDJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e18254505806fb1572fc994aa83ec74231c42c5dee17fddeaa9f204549c14a

Files

12e18254505806fb1572fc994aa83ec74231c42c5dee17fddeaa9f204549c14a
.exe windows:5 windows x86 arch:x86

889984feed4736e132d41fa2356a9ce4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasGetConnectStatusA

winmm

midiStreamOpen

ws2_32

WSAStartup

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

FindWindowExA

gdi32

LineTo

msimg32

GradientFill

winspool.drv

OpenPrinterA

advapi32

RegCloseKey

shell32

Shell_NotifyIconA

ole32

OleRun

oleaut32

SafeArrayGetElement

comctl32

ImageList_GetIcon

wininet

InternetCloseHandle

comdlg32

ChooseColorA

Sections

.text
Size: - Virtual size: 900KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tvmp0
Size: - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

tvmp1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tvmp2
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

889984feed4736e132d41fa2356a9ce4

Headers

File Characteristics

Imports

rasapi32

winmm

ws2_32

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

wininet

comdlg32

Sections

.text Size: - Virtual size: 900KB

.rdata Size: - Virtual size: 279KB

.data Size: - Virtual size: 446KB

tvmp0 Size: - Virtual size: 6.1MB

tvmp1 Size: 4KB - Virtual size: 2KB

tvmp2 Size: 10.7MB - Virtual size: 10.7MB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: - Virtual size: 900KB

.rdata
Size: - Virtual size: 279KB

.data
Size: - Virtual size: 446KB

tvmp0
Size: - Virtual size: 6.1MB

tvmp1
Size: 4KB - Virtual size: 2KB

tvmp2
Size: 10.7MB - Virtual size: 10.7MB

.rsrc
Size: 8KB - Virtual size: 7KB