1efea4efa470b463d316a547ca116b291806104480c446eb1afb5bb83c1f2e69

Sharing

Copy URL Twitter E-mail

General

Target

1efea4efa470b463d316a547ca116b291806104480c446eb1afb5bb83c1f2e69
Size

3.2MB
MD5

4c33c1609bffd89ddba23c60416d0af4
SHA1

242a26251c51712c26574372088f37682e539def
SHA256

1efea4efa470b463d316a547ca116b291806104480c446eb1afb5bb83c1f2e69
SHA512

a624cd76182f371e980848039ae4f5601da7a34fcd11f379b4508ac22a931d46a40164f0af77499dc5aafb0a20c1ab17a178a1dfc0f5c0aae5694c6afe4a35ea
SSDEEP

98304:npkWr6dvEaLh59UsTh0SWh04i4LrW3GfMjJ1q2:ph6dv5Lh5eSh0y919z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1efea4efa470b463d316a547ca116b291806104480c446eb1afb5bb83c1f2e69

Files

1efea4efa470b463d316a547ca116b291806104480c446eb1afb5bb83c1f2e69
.exe windows:5 windows x86 arch:x86

efc006273fe5a0a00ddd9ea41830a9bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rasapi32

RasHangUpA

kernel32

GetVersionExA
GetVersion

user32

GetCursorPos

gdi32

SetMapMode

winmm

waveOutRestart

winspool.drv

DocumentPropertiesA

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromString

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

inet_ntoa

wininet

HttpQueryInfoA

comdlg32

GetSaveFileNameA

Sections

.text
Size: - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wh30
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wh31
Size: 4KB - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wh32
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

efc006273fe5a0a00ddd9ea41830a9bb

Headers

File Characteristics

Imports

rasapi32

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wininet

comdlg32

Sections

.text Size: - Virtual size: 716KB

.rdata Size: - Virtual size: 95KB

.data Size: - Virtual size: 329KB

.wh30 Size: - Virtual size: 2.1MB

.wh31 Size: 4KB - Virtual size: 140B

.wh32 Size: 3.1MB - Virtual size: 3.1MB

.rsrc Size: 140KB - Virtual size: 136KB

.text
Size: - Virtual size: 716KB

.rdata
Size: - Virtual size: 95KB

.data
Size: - Virtual size: 329KB

.wh30
Size: - Virtual size: 2.1MB

.wh31
Size: 4KB - Virtual size: 140B

.wh32
Size: 3.1MB - Virtual size: 3.1MB

.rsrc
Size: 140KB - Virtual size: 136KB