3a6d54c91df96f98c4d010904fb19540ccb827d05e141074aae66c4e8263759a

Sharing

Copy URL Twitter E-mail

General

Target

3a6d54c91df96f98c4d010904fb19540ccb827d05e141074aae66c4e8263759a
Size

4.9MB
MD5

cd314f471ea5098da2bd3e75c535471a
SHA1

b21f71a71792a58bcf6b3bd8ca99b3bf905a1fe3
SHA256

3a6d54c91df96f98c4d010904fb19540ccb827d05e141074aae66c4e8263759a
SHA512

acbd0ff57cf4532b9b11b6281a0e26809536fb367ebdc1162d9cd09cc6b2a4983f7f21d7b7787f20c97dfe342c4e02f9a553ab819bd7beef26931e9690281110
SSDEEP

98304:WOgHCGHjUs/P3u/RGeqf3g5Sb7WMWBwHenPyBmx86cWUe4dxllQwCOa8W4b1ApDx:WjhHjL2/Meqfw5Sb6yHenPyk66cLLddC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a6d54c91df96f98c4d010904fb19540ccb827d05e141074aae66c4e8263759a

Files

3a6d54c91df96f98c4d010904fb19540ccb827d05e141074aae66c4e8263759a
.exe windows:5 windows x86

b6ee4411e65c321348f8a17e8a57e3b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

GetAce

iphlpapi

GetIfTable

shell32

ILFree

hid

HidP_GetCaps

setupapi

SetupInstallFileA

dhcpcsvc

DhcpIsEnabled

dhcpcsvc6

Dhcpv6IsEnabled

psapi

EnumProcesses

wsock32

bind

ws2_32

closesocket

mfc90

ord5647

msvcr90

exit

toolkitpro1521vc90

??1CXTPEdit@@UAE@XZ

msvcp90

?uncaught_exception@std@@YA_NXZ

libmysql

mysql_init

oleaut32

VarUdateFromDate

ole32

CoInitialize

comctl32

InitCommonControlsEx

gdi32

Escape

Sections

.AKS1
Size: 978KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS2
Size: 3.8MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6ee4411e65c321348f8a17e8a57e3b5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

iphlpapi

shell32

hid

setupapi

dhcpcsvc

dhcpcsvc6

psapi

wsock32

ws2_32

mfc90

msvcr90

toolkitpro1521vc90

msvcp90

libmysql

oleaut32

ole32

comctl32

gdi32

Sections

.AKS1 Size: 978KB - Virtual size: 1.9MB

.AKS2 Size: 3.8MB - Virtual size: 5.6MB

.AKS3 Size: 1KB - Virtual size: 1KB

.rsrc Size: 164KB - Virtual size: 163KB

.AKS1
Size: 978KB - Virtual size: 1.9MB

.AKS2
Size: 3.8MB - Virtual size: 5.6MB

.AKS3
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 164KB - Virtual size: 163KB