f7aa806bacdadec114591f636dc525c3b3d9eb154e75dd3834d321786367ad82

Sharing

Copy URL Twitter E-mail

General

Target

f7aa806bacdadec114591f636dc525c3b3d9eb154e75dd3834d321786367ad82
Size

176KB
MD5

ef7d66ccf7c88eef9681416100b63a30
SHA1

afdf39048ad3ec2c9a0958be76c2092d1a764114
SHA256

f7aa806bacdadec114591f636dc525c3b3d9eb154e75dd3834d321786367ad82
SHA512

34e01faa0366e2e33d8cc1a6a1163a68f4cbe3f2732331362aa0225451217b4a4696332f007c55aba5b67ca7699743241d08b985e9d18582bbbcaaaf7fe6f106
SSDEEP

3072:tAd1o/cV54J2p2qTedmc/FVQzEPgLBfdKeKMNko:+d1o/04JT66/FVQzEPg8eKM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7aa806bacdadec114591f636dc525c3b3d9eb154e75dd3834d321786367ad82

Files

f7aa806bacdadec114591f636dc525c3b3d9eb154e75dd3834d321786367ad82
.exe windows x86

acc588522c3735b1432a6f127df168b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71

ord1440
ord3088
ord2021
ord385
ord709
ord501
ord304
ord5915
ord1620
ord1617
ord3946
ord1402
ord4244
ord5152
ord1908
ord5073
ord6275
ord4185
ord5214
ord3403
ord4722
ord4282
ord1600
ord5960
ord5235
ord5233
ord923
ord928
ord932
ord930
ord934
ord2390
ord2410
ord2394
ord2400
ord2398
ord2396
ord2413
ord2408
ord2392
ord2415
ord2403
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord1964
ord1656
ord1655
ord1599
ord5200
ord2537
ord2731
ord2835
ord4307
ord2714
ord2862
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4486
ord4261
ord3337
ord631
ord760
ord386
ord572
ord3641
ord3441
ord5182
ord4212
ord4735
ord4890
ord630
ord1671
ord1670
ord1551
ord5912
ord1401
ord5203
ord4262
ord354
ord605
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord566
ord757
ord3182
ord6090
ord6065
ord6283
ord5975
ord3830
ord1123
ord3648
ord3466
ord2246
ord1913
ord2615
ord5009
ord5012
ord4309
ord4135
ord2939
ord4904
ord943
ord5356
ord2992
ord2425
ord2424
ord4019
ord1557
ord3945
ord5148
ord5205
ord2173
ord1306
ord4277
ord751
ord635
ord562
ord395
ord5165
ord5833
ord4265
ord2371
ord4041
ord2003
ord2145
ord2144
ord4299
ord4081
ord5563
ord330
ord589
ord502
ord5641
ord5731
ord5976
ord4001
ord5175
ord1161
ord1063
ord762
ord1903
ord4123
ord1934
ord3210
ord1084
ord1482
ord2020
ord764
ord3684
ord781
ord265
ord266
ord2933
ord299
ord2902
ord6118
ord1489
ord297
ord876
ord310
ord784
ord4580
ord578
ord1207

msvcr71

_setmbcp
fclose
fopen
__CxxFrameHandler
exit
fread
??1exception@@UAE@XZ
??0exception@@QAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_CIpow
longjmp
sprintf
_setjmp3
__CxxLongjmpUnwind
malloc
free
_except_handler3
sscanf
getenv
memset
__security_error_handler
??1type_info@@UAE@XZ
__dllonexit
_onexit
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
_controlfp
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln

kernel32

GetVersionExA
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
GetModuleHandleA
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime

user32

GetActiveWindow
LoadIconA
SendMessageA
GetMenu
MessageBoxA
UpdateWindow
EnableWindow
LoadCursorA
InvalidateRect
ScreenToClient
GetWindowRect
SetCursor
SetMenu

gdi32

SetDIBitsToDevice

msvcp71

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

acc588522c3735b1432a6f127df168b0

Headers

File Characteristics

Imports

mfc71

msvcr71

kernel32

user32

gdi32

msvcp71

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 444B

.rsrc Size: 84KB - Virtual size: 84KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 444B

.rsrc
Size: 84KB - Virtual size: 84KB