4d7d14af4ac8c428f8372d4bd2f1ae44ebf146c306e9617f83d11b736e7bdcb7

Sharing

Copy URL Twitter E-mail

General

Target

4d7d14af4ac8c428f8372d4bd2f1ae44ebf146c306e9617f83d11b736e7bdcb7
Size

12.0MB
MD5

a7e391ced6a914984f2d13e530c6a7c5
SHA1

f3d43843fd1c3d9493eacba0fb4df635c96a00b0
SHA256

4d7d14af4ac8c428f8372d4bd2f1ae44ebf146c306e9617f83d11b736e7bdcb7
SHA512

fdb44a0381d500601cd57a96160af4d16df1b8079a19af4c217d387546447faff42bdcdbf441a9aae72ffd5be0f4230bd7e63085eae8411c26d7bbe12f65cd6c
SSDEEP

196608:RGKLMWdlBsOB1DB6ba/h92tIDx3SAWIZ9SATKPkET0+WtybBmcQyouk:RGAPLKOd6ntCdWIZ9fKcET/GyHQ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d7d14af4ac8c428f8372d4bd2f1ae44ebf146c306e9617f83d11b736e7bdcb7

Files

4d7d14af4ac8c428f8372d4bd2f1ae44ebf146c306e9617f83d11b736e7bdcb7
.exe windows:5 windows x86 arch:x86

879056b3b0ba75c34c70209d20925d2d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetVersion
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

GetMenuItemCount

gdi32

CreatePalette

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegQueryValueA

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: - Virtual size: 614KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tvmp0
Size: - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tvmp1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tvmp2
Size: 11.9MB - Virtual size: 11.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

879056b3b0ba75c34c70209d20925d2d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

comdlg32

Sections

.text Size: - Virtual size: 614KB

.rdata Size: - Virtual size: 1.1MB

.data Size: - Virtual size: 279KB

.tvmp0 Size: - Virtual size: 6.4MB

.tvmp1 Size: 4KB - Virtual size: 2KB

.tvmp2 Size: 11.9MB - Virtual size: 11.9MB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: - Virtual size: 614KB

.rdata
Size: - Virtual size: 1.1MB

.data
Size: - Virtual size: 279KB

.tvmp0
Size: - Virtual size: 6.4MB

.tvmp1
Size: 4KB - Virtual size: 2KB

.tvmp2
Size: 11.9MB - Virtual size: 11.9MB

.rsrc
Size: 56KB - Virtual size: 54KB