b098da7d2499e4488d0aaf383b7d73b1ba0631ecd45e15699f0efd39c7514413

Sharing

Copy URL Twitter E-mail

General

Target

b098da7d2499e4488d0aaf383b7d73b1ba0631ecd45e15699f0efd39c7514413
Size

4.1MB
MD5

928b11d5f8f9dff60400030a7962e3ac
SHA1

711656ccc2d90cdcfeb0654736e285e0a45759e3
SHA256

b098da7d2499e4488d0aaf383b7d73b1ba0631ecd45e15699f0efd39c7514413
SHA512

593ed0fab2b856af60ec407045bb6c7be8f411f577fdbf3318ef67e6248647e6399e22aff6c0382c463b2d1c2915727b3af960d56e14e874ac1cab166f85f241
SSDEEP

49152:Mu39vg+Ba1hWDtJkOdHnsNQoFMvNFjLZt8wK/+p82hBjEwPrlPEt4on1z7O3+jEb:Jne0olFINFxtuK8gjEMl84o1zHJZ5l+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b098da7d2499e4488d0aaf383b7d73b1ba0631ecd45e15699f0efd39c7514413

Files

b098da7d2499e4488d0aaf383b7d73b1ba0631ecd45e15699f0efd39c7514413
.exe windows:5 windows x86

96a26a45e5e36616ac59a646ebd4a15b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

GetAce

iphlpapi

GetIfTable

shell32

ILFree

hid

HidP_GetCaps

setupapi

SetupInstallFileA

dhcpcsvc

DhcpIsEnabled

dhcpcsvc6

Dhcpv6IsEnabled

psapi

EnumProcesses

wsock32

bind

ws2_32

inet_addr

espritif

?EspritIfClose@@YAXXZ

nctrainerboardbase

??1CImageLabel@@UAE@XZ

hasp_windows_94512

ord13

busdrv32

ord67

mfc100u

ord2617

msvcr100

exit

msvcp100

?_Xlength_error@std@@YAXPBD@Z

oleaut32

VariantClear

ole32

CoTaskMemFree

comctl32

ord410

gdi32

PatBlt

version

VerQueryValueW

winmm

timeGetTime

Sections

.AKS1
Size: 345KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS2
Size: 3.7MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

96a26a45e5e36616ac59a646ebd4a15b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

iphlpapi

shell32

hid

setupapi

dhcpcsvc

dhcpcsvc6

psapi

wsock32

ws2_32

espritif

nctrainerboardbase

hasp_windows_94512

busdrv32

mfc100u

msvcr100

msvcp100

oleaut32

ole32

comctl32

gdi32

version

winmm

Sections

.AKS1 Size: 345KB - Virtual size: 1.1MB

.AKS2 Size: 3.7MB - Virtual size: 5.4MB

.AKS3 Size: 1KB - Virtual size: 1KB

.rsrc Size: 42KB - Virtual size: 41KB

.AKS1
Size: 345KB - Virtual size: 1.1MB

.AKS2
Size: 3.7MB - Virtual size: 5.4MB

.AKS3
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 42KB - Virtual size: 41KB