05e61dfbebe88e90a5ee1bfa8352dc5d392a031f29960f8f4311d9ea0b107b2e

Sharing

Copy URL Twitter E-mail

General

Target

05e61dfbebe88e90a5ee1bfa8352dc5d392a031f29960f8f4311d9ea0b107b2e
Size

9.8MB
MD5

28150f0c0e08bc4bc3e7c39b8fef3fc5
SHA1

b823f084f6419d16b1a8dbafec7b855030bb21ff
SHA256

05e61dfbebe88e90a5ee1bfa8352dc5d392a031f29960f8f4311d9ea0b107b2e
SHA512

cd31f6c3905c95bef674f2b11fd278d071df767def447da98c7e27d40a8b821e90cddbde1a353deb0899d9aa50005069a40fcea3a239cce9f06d974bcd6ac206
SSDEEP

196608:/0zwpmwNe14Pzr/jSGW9GOnfZ6T7iIqH9FEB9j0UJ3zww5ymtdKvR4RqGE:/dpmw5P3rSGW9Z6TQmlzx5yal1E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05e61dfbebe88e90a5ee1bfa8352dc5d392a031f29960f8f4311d9ea0b107b2e

Files

05e61dfbebe88e90a5ee1bfa8352dc5d392a031f29960f8f4311d9ea0b107b2e
.exe windows:5 windows x86 arch:x86

16be90c217ac32dc8e293bd325ae705d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

PlaySoundW

wininet

FindFirstUrlCacheEntryW

winspool.drv

DocumentPropertiesW

comdlg32

GetSaveFileNameW

comctl32

ImageList_GetImageInfo

ws2_32

htons

shell32

ExtractIconW

user32

CopyImage

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

CloseServiceHandle

netapi32

NetWkstaGetInfo

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

SetFileAttributesW

ole32

OleRegEnumVerbs

gdi32

AddFontMemResourceEx

psapi

GetMappedFileNameW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 8.4MB - Virtual size: 20.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16be90c217ac32dc8e293bd325ae705d

Headers

File Characteristics

Imports

winmm

wininet

winspool.drv

comdlg32

comctl32

ws2_32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

ole32

gdi32

psapi

Exports

Exports

Sections

.text Size: 8.4MB - Virtual size: 20.1MB

.text Size: 1.4MB - Virtual size: 1.4MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 16KB

.text Size: 4KB - Virtual size: 4KB

.text
Size: 8.4MB - Virtual size: 20.1MB

.text
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 16KB

.text
Size: 4KB - Virtual size: 4KB