93fddf1ea75272aaf5ea6eb341a1a92969f7380f7bec3ff85b01d4764c295e37

Sharing

Copy URL

Twitter E-mail

General

Target

93fddf1ea75272aaf5ea6eb341a1a92969f7380f7bec3ff85b01d4764c295e37
Size

104KB
MD5

562ff6f58a48a3eb31cd72cf274e863a
SHA1

c141262e803dee3e119c7019c2b8d5f7b28af6b3
SHA256

93fddf1ea75272aaf5ea6eb341a1a92969f7380f7bec3ff85b01d4764c295e37
SHA512

daab57deb13683d15939551d43dcac4948eca41fae8dc063d5640d666ed01e13040ad9af48fbf730a5befe957b27d5082130fe5b704c3bf43b52fbfdb0304a43
SSDEEP

1536:NJVN/DfrIUHzZ/whnssrHNVHbvtpnnFfNVTxvdb5ljB/trJH1zRP97ZXFDhfNLpo:NXtDfrIAwBr5VHbvtMkOQVP7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93fddf1ea75272aaf5ea6eb341a1a92969f7380f7bec3ff85b01d4764c295e37

Files

93fddf1ea75272aaf5ea6eb341a1a92969f7380f7bec3ff85b01d4764c295e37
.exe windows x64

28b4b5b5922c7caaf402dddb798fc3c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mfc90

ord9910
ord10063
ord9578
ord12800
ord12010
ord2067
ord617
ord5333
ord5350
ord4041
ord5344
ord3002
ord1966
ord1071
ord602
ord3923
ord5499
ord6348
ord5220
ord1023
ord3897
ord5701
ord2065
ord2110
ord4429
ord6407
ord3892
ord6409
ord4648
ord3921
ord5684
ord4677
ord5346
ord4112
ord3774
ord4136
ord4586
ord2907
ord2185
ord2533
ord5521
ord316
ord589
ord795
ord798
ord923
ord1523
ord305
ord3006
ord3486
ord583
ord2437
ord5320
ord1635
ord1698
ord1699
ord2010
ord5295
ord1393
ord6194
ord3852
ord3011
ord6012
ord6192
ord1457
ord5731
ord5083
ord3430
ord6408
ord3893
ord6410
ord1556
ord2226
ord2932
ord2233
ord2470
ord2452
ord2450
ord2468
ord2480
ord2457
ord2473
ord2478
ord12742
ord2463
ord2465
ord2459
ord2475
ord2455
ord947
ord943
ord945
ord941
ord936
ord5353
ord5355
ord6086
ord1636
ord4384
ord4833
ord3488
ord5334
ord4285
ord6406
ord5191
ord1949
ord1954
ord5272
ord1434
ord4039
ord11771
ord12223
ord7372
ord9571
ord8058
ord6938
ord6744
ord8878
ord310
ord1839
ord1840
ord722
ord512
ord4336
ord1977
ord1517
ord4196
ord2136
ord1581
ord3253
ord3732
ord4861
ord5302
ord3131
ord6038
ord1433
ord4364
ord5323
ord4313
ord4591
ord1659
ord1662
ord6041
ord3133
ord3775
ord3069
ord3245
ord3293
ord2433
ord1311
ord1980
ord3287
ord3402
ord1627
ord2142
ord755
ord4342
ord2432
ord5849
ord4846
ord5003
ord4689
ord2320
ord1237
ord1714
ord265
ord2380
ord2602
ord2797
ord776
ord266
ord1516
ord2722
ord2218
ord1444
ord2562
ord6366
ord4346
ord1080
ord1938
ord1103
ord1149
ord574
ord1022
ord6386
ord767
ord4363
ord4042
ord2709
ord3800
ord3810
ord3809
ord2598
ord2711
ord3265
ord362
ord1585
ord2461
ord1713
ord2605
ord2780
ord4410
ord2904
ord778

msvcr90

_CxxThrowException
memset
_setmbcp
__CxxFrameHandler3
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_cexit
_ismbblead
_exit
_XcptFilter
__getmainargs
_amsg_exit
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__C_specific_handler
realloc
vsprintf_s
_strupr
strncmp
memcpy
fprintf
vsprintf
sprintf
_time64
fclose
_localtime64
fopen
strchr
strstr
malloc
free
atol

kernel32

EnterCriticalSection
GetPrivateProfileSectionA
DeleteCriticalSection
GetProcAddress
WritePrivateProfileStringA
LeaveCriticalSection
TerminateProcess
FindFirstFileA
InitializeCriticalSection
WritePrivateProfileSectionA
LocalFree
GetCurrentThreadId
Sleep
GetPrivateProfileIntA
GetTickCount
lstrlenA
lstrcpyA
LoadLibraryA
GetWindowsDirectoryA
GetSystemTimeAsFileTime
FreeLibrary
GetCurrentProcessId
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetStartupInfoA
GetTempPathA
FindClose

user32

EnableWindow
LoadCursorA
IsWindow
wsprintfA
GetMessagePos
IsIconic
LoadIconA
DrawIcon
GetSystemMetrics
SetCursor
SetTimer
ScreenToClient
GetWindowRect
KillTimer
GetParent
MessageBeep
GetClientRect
SendMessageA
PtInRect
GetDC
InflateRect
CopyIcon
SetWindowLongA
InvalidateRect
ReleaseDC
GetSysColor

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetStockObject

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
GetUserNameA
RegCreateKeyExA
RegQueryValueExA

shell32

ShellExecuteA

comctl32

InitCommonControlsEx

oleaut32

VariantClear

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28b4b5b5922c7caaf402dddb798fc3c1

Headers

DLL Characteristics

File Characteristics

Imports

mfc90

msvcr90

kernel32

user32

gdi32

advapi32

shell32

comctl32

oleaut32

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 1KB - Virtual size: 3KB

.pdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 37KB - Virtual size: 36KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 1KB - Virtual size: 3KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 37KB - Virtual size: 36KB

.reloc
Size: 3KB - Virtual size: 2KB