dbb98d0aa782388fd4fc13078251d108

Sharing

Copy URL

Twitter E-mail

General

Target

dbb98d0aa782388fd4fc13078251d108
Size

440KB
MD5

dbb98d0aa782388fd4fc13078251d108
SHA1

e1e15929307d22bd4f6b7c28528c29958e66eee2
SHA256

b8699065889b97210d65f3f31ba0eddf40adb4c11fefa938ee5002d9bb73c75f
SHA512

f194c0d2683c2f5ec7f44bf82187abe943a540cd5b1f55c3e20df3cc1075b3e46a6374aebadcba57879fe7db4c1d954b36a9dcbd012d1faabddccd4db7ce594f
SSDEEP

6144:takFq8nVj5phXowVf3pIf5c8Zs9xj3cHv3vYpb7sg/vE/v7NVYOj6lTMfTxv8Z9p:LFNnNhRlufWjsYpb7sgHOv7RMq1vO9p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbb98d0aa782388fd4fc13078251d108

Files

dbb98d0aa782388fd4fc13078251d108
.exe windows:4 windows x86 arch:x86

47be5ce2bebc008d0c88b6e29acd2291

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PurgeComm
SetCommMask
LocalAlloc
LeaveCriticalSection
DeleteCriticalSection
InterlockedDecrement
GetVolumeInformationW
GetDriveTypeW
GetLastError
SetEvent
CreateEventW
CreateThread
MapViewOfFileEx
GetCurrentProcess
GetCurrentThread
MulDiv
DeleteFileW
lstrcpyW
InitializeCriticalSection
MultiByteToWideChar
GetModuleHandleW
SetLastError
DisableThreadLibraryCalls
Sleep
WaitForSingleObjectEx
GetLocalTime
HeapAlloc
GetProcessHeap
lstrcpyA
WaitForMultipleObjects
SystemTimeToFileTime
GetSystemTime
lstrcpynA
IsBadStringPtrW
WriteFile
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
ClearCommError
IsBadCodePtr
CreateFileW
ReleaseMutex
ReadFile
lstrcmpiA
SetEndOfFile
LoadLibraryA
LocalFree
GetCurrentThreadId
lstrcmpiW
lstrlenW
lstrcpynW
CloseHandle
CreateMutexW
FreeLibrary
IsBadWritePtr
InterlockedExchange
GetFileType
lstrcmpW
lstrlenA
HeapDestroy
FormatMessageW
GetVersionExA
SetFilePointer
GetSystemTimeAsFileTime
UnhandledExceptionFilter
EscapeCommFunction
GetModuleHandleA
FlushFileBuffers
ExpandEnvironmentStringsA
GetModuleFileNameA
GetProcAddress
LoadLibraryW
ExpandEnvironmentStringsW
GetFileInformationByHandle
VirtualAllocEx
EnterCriticalSection
InterlockedIncrement
InterlockedCompareExchange
GetModuleFileNameW
DuplicateHandle
IsBadReadPtr
SetupComm
GetTickCount
GetTimeFormatW
CreateMutexA
CreateFileA
GetWindowsDirectoryW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
UnmapViewOfFile
CreateFileMappingW
SetFilePointerEx
OutputDebugStringW
ResetEvent
OpenProcess
WideCharToMultiByte
GetCurrentProcessId
HeapFree
SetCommTimeouts
GetDateFormatW
LoadLibraryA

advapi32

RegCloseKey
RegCreateKeyExW
RegQueryValueExW

shlwapi

StrRChrW
PathAppendW
StrChrW

shell32

ShellExecuteW
Shell_NotifyIconW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 267KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47be5ce2bebc008d0c88b6e29acd2291

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

shell32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 17KB - Virtual size: 267KB

.rsrc Size: 377KB - Virtual size: 377KB

.reloc Size: 6KB - Virtual size: 29KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 17KB - Virtual size: 267KB

.rsrc
Size: 377KB - Virtual size: 377KB

.reloc
Size: 6KB - Virtual size: 29KB