0e5bac3443b1b5ce6651db03993f90fa971ef45b6c85789bf55126bb65e7616eN

Sharing

Copy URL Twitter E-mail

General

Target

0e5bac3443b1b5ce6651db03993f90fa971ef45b6c85789bf55126bb65e7616eN
Size

2.3MB
MD5

b9274cd964c62726f587e19d0fb53ed0
SHA1

cd717115336738136be3c660ad50cc05207f1593
SHA256

0e5bac3443b1b5ce6651db03993f90fa971ef45b6c85789bf55126bb65e7616e
SHA512

4c908d4b850ae57317854e6251d8619b27e8cf6a9efa35ba3b75c773d372bbba47437765f063beff4d6911a647df8a103b20d1d592dd5d346df4f71932296a41
SSDEEP

49152:j3YPBi/AduRax8myagult3onBLfpa2XxUHW2EfvkS3Y:kPB7scxwajltYb3X+KcSY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e5bac3443b1b5ce6651db03993f90fa971ef45b6c85789bf55126bb65e7616eN

Files

0e5bac3443b1b5ce6651db03993f90fa971ef45b6c85789bf55126bb65e7616eN
.exe windows:4 windows x86 arch:x86

5939b8b18135bc04f01f6b1037c6ed06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

waveOutPrepareHeader

ws2_32

inet_addr

msvfw32

DrawDibDraw

avifil32

AVIStreamInfoA

rasapi32

RasHangUpA

kernel32

InterlockedDecrement

user32

GetSysColorBrush

gdi32

CreateBitmap

winspool.drv

ClosePrinter

comdlg32

GetFileTitleA

advapi32

LookupPrivilegeValueA

shell32

DragAcceptFiles

ole32

CLSIDFromProgID

oleaut32

SysAllocString

comctl32

ImageList_GetImageCount

wininet

InternetGetConnectedState

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 968KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5939b8b18135bc04f01f6b1037c6ed06

Headers

File Characteristics

Imports

winmm

ws2_32

msvfw32

avifil32

rasapi32

kernel32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

wininet

msvcrt

iphlpapi

psapi

Sections

.text Size: 968KB - Virtual size: 2.4MB

.sedata Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 16KB - Virtual size: 16KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 968KB - Virtual size: 2.4MB

.sedata
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 16KB

.sedata
Size: 4KB - Virtual size: 4KB