f106288e1e6fd6f0bdd1eb849f8a2e4687a027b3e393781e7c0daeb4f22ff640

Sharing

Copy URL Twitter E-mail

General

Target

f106288e1e6fd6f0bdd1eb849f8a2e4687a027b3e393781e7c0daeb4f22ff640
Size

4.3MB
MD5

2f537e1fe0ccee28d847d319ec5a9fb6
SHA1

cb50642722d6d441f244e3df1452469b06c8a8f1
SHA256

f106288e1e6fd6f0bdd1eb849f8a2e4687a027b3e393781e7c0daeb4f22ff640
SHA512

9c6c7809ac181bd91175156476fe3f51aee381cfbadc8e035c3e21f30cc84061c858d5bddccf0dc261d442ae1de992c41fea7c92abd8767ff388c0a2b64df236
SSDEEP

98304:QgnEPlLrhKzzzScx7bMeCnYZEqWyztiUM+nIXjl:9EPlLMz7ke9dzhMbh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f106288e1e6fd6f0bdd1eb849f8a2e4687a027b3e393781e7c0daeb4f22ff640

Files

f106288e1e6fd6f0bdd1eb849f8a2e4687a027b3e393781e7c0daeb4f22ff640
.exe windows:4 windows x86

fcb0991b2cac73f5acc08a70dba8a7f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

GetAce

iphlpapi

GetIfTable

shell32

ILFree

hid

HidP_GetCaps

setupapi

SetupInstallFileA

dhcpcsvc

DhcpIsEnabled

dhcpcsvc6

Dhcpv6IsEnabled

psapi

EnumProcesses

wsock32

bind

functionalcomponent

_ZN6Neusar27CFunctionalComponentManager11getInstanceEv

technicalcomponent

_ZN6Neusar19QtSignalSlotManager11getInstanceEv

usercontrol

_ZN4Flex6windowEv

userpage

_ZN8HomePage17slot_closeProjectEv

qt5core

_ZN4QUrlD1Ev

qt5gui

_ZN5QFontD1Ev

qt5widgets

_ZN7QWidgetD2Ev

libgcc_s_dw2-1

_Unwind_Resume

libstdc++-6

_Znaj

msvcrt

_iob

Sections

.AKS1
Size: 289KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS2
Size: 4.0MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fcb0991b2cac73f5acc08a70dba8a7f5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

iphlpapi

shell32

hid

setupapi

dhcpcsvc

dhcpcsvc6

psapi

wsock32

functionalcomponent

technicalcomponent

usercontrol

userpage

qt5core

qt5gui

qt5widgets

libgcc_s_dw2-1

libstdc++-6

msvcrt

Sections

.AKS1 Size: 289KB - Virtual size: 496KB

.AKS2 Size: 4.0MB - Virtual size: 6.1MB

.AKS3 Size: 1KB - Virtual size: 1KB

.AKS1
Size: 289KB - Virtual size: 496KB

.AKS2
Size: 4.0MB - Virtual size: 6.1MB

.AKS3
Size: 1KB - Virtual size: 1KB