78723339498ca4e59b43dc6e871db8c7933dc7bb2fea1a1f64cd5b7911890ea5

Sharing

Copy URL

Twitter E-mail

General

Target

78723339498ca4e59b43dc6e871db8c7933dc7bb2fea1a1f64cd5b7911890ea5
Size

7.2MB
MD5

1be2c7bd6b9dc8718f78bca0f347cf34
SHA1

352e56b08ac92d81ee9bd0e5e2651a2d32a73aa9
SHA256

78723339498ca4e59b43dc6e871db8c7933dc7bb2fea1a1f64cd5b7911890ea5
SHA512

02b7526d33edfc52120d6f18687c32587b325a0fb7d31aa4f13ad7f9af7c2fabed3a8161bab1902b28e9d88fbf68fe82383e83a207cd5d1d707ec116e723dbcf
SSDEEP

49152:7X43aFyswXPhrZdXFU5EVXChj92OQMWIacDUZj3F3wcoOnxg8hSwCv/fouyh45B:7oOTYdXFU+dujMOQ/OUZ2OxrYVffP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78723339498ca4e59b43dc6e871db8c7933dc7bb2fea1a1f64cd5b7911890ea5

Files

78723339498ca4e59b43dc6e871db8c7933dc7bb2fea1a1f64cd5b7911890ea5
.exe windows:5 windows x86

2922b9d14e72bcee7c976636bfea2792

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

jansson

json_object_iter_value

kernel32

IsDebuggerPresent

user32

GetClientRect

gdi32

GetObjectType

advapi32

RegOpenKeyExW

shell32

DragQueryFileW

ole32

CoTaskMemAlloc

oleaut32

VarUI4FromStr

hipsdb

ord9

shlwapi

PathFileExistsW

comctl32

ImageList_DrawIndirect

gdiplus

GdipResetPath

duilib

?set_attribute_list@CTabControlMgr@DuiLib@@QAEXPAVCControlUI@2@PB_W@Z

usysdiag

vif_sysutils_get

libxsse

ord30

hrcomm

CreateLPCClient

upgrade

ord5

iphlpapi

GetAdaptersInfo

userenv

GetProfilesDirectoryW

mpr

WNetGetConnectionW

version

GetFileVersionInfoSizeW

msvcrt

strncpy

psapi

GetMappedFileNameW

imm32

ImmSetCompositionWindow

winmm

PlaySoundA

ws2_32

bind

winspool.drv

OpenPrinterA

comdlg32

GetSaveFileNameA

Sections

.text
Size: 381KB - Virtual size: 984KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 6.7MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2922b9d14e72bcee7c976636bfea2792

Headers

DLL Characteristics

File Characteristics

Imports

jansson

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

hipsdb

shlwapi

comctl32

gdiplus

duilib

usysdiag

libxsse

hrcomm

upgrade

iphlpapi

userenv

mpr

version

msvcrt

psapi

imm32

winmm

ws2_32

winspool.drv

comdlg32

Sections

.text Size: 381KB - Virtual size: 984KB

.sedata Size: 6.7MB - Virtual size: 6.7MB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 47KB - Virtual size: 48KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 381KB - Virtual size: 984KB

.sedata
Size: 6.7MB - Virtual size: 6.7MB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 47KB - Virtual size: 48KB

.sedata
Size: 4KB - Virtual size: 4KB