8891c64c9e3fc92d2cff2a40e3a6b5d03f884ada21c13aa106e1851a547e6309

Sharing

Copy URL Twitter E-mail

General

Target

8891c64c9e3fc92d2cff2a40e3a6b5d03f884ada21c13aa106e1851a547e6309
Size

4.2MB
MD5

cc652334c17ee24597ed2b57f3c056d3
SHA1

aafe2643cd15d8521edc47684f2a6ce3a0a5e8bb
SHA256

8891c64c9e3fc92d2cff2a40e3a6b5d03f884ada21c13aa106e1851a547e6309
SHA512

dc18155e7738a77c2eda380eb0f108c168917780b6b3a9ed292585a80d7487aaf7492cb5c52d1c145b6b08a531f3154ba7e682dc81151fa831afd68f018fabb3
SSDEEP

98304:nr0KpqWrVf4rSXd1X5kl1gdjnbwSDh7PWhTVhXiACw3KISx3UWts:r0KpqOWu21wj1Dh7PApN6Yks

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8891c64c9e3fc92d2cff2a40e3a6b5d03f884ada21c13aa106e1851a547e6309

Files

8891c64c9e3fc92d2cff2a40e3a6b5d03f884ada21c13aa106e1851a547e6309
.exe windows:4 windows x86 arch:x86

5fe652fcd8d23a7c0fcf5e8caa9752dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

winmm

midiStreamProperty

ws2_32

WSAAsyncSelect

version

VerLanguageNameA

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

kernel32

DuplicateHandle

user32

GetNextDlgGroupItem

gdi32

PatBlt

winspool.drv

ClosePrinter

comdlg32

ChooseColorA

advapi32

RegCreateKeyExA

shell32

DragQueryFileA

ole32

OleRun

oleaut32

LoadTypeLi

comctl32

ImageList_SetBkColor

oledlg

ord8

msvcrt

strncpy

psapi

GetMappedFileNameW

Sections

.text
Size: 2.4MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fe652fcd8d23a7c0fcf5e8caa9752dd

Headers

File Characteristics

Imports

iphlpapi

winmm

ws2_32

version

msvfw32

avifil32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

msvcrt

psapi

Sections

.text Size: 2.4MB - Virtual size: 4.8MB

.sedata Size: 1.5MB - Virtual size: 1.5MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 368KB - Virtual size: 368KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 2.4MB - Virtual size: 4.8MB

.sedata
Size: 1.5MB - Virtual size: 1.5MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 368KB - Virtual size: 368KB

.sedata
Size: 4KB - Virtual size: 4KB