357ea7f558236b21ab61e7a39ef13cfb

Sharing

Copy URL Twitter E-mail

General

Target

357ea7f558236b21ab61e7a39ef13cfb
Size

178KB
MD5

357ea7f558236b21ab61e7a39ef13cfb
SHA1

6f73670a0f902b15c9b889827e716759079288e2
SHA256

e66f08422dcab54ccce5b48e5adb0a7ebddbaf78a0041b6a723174d0d7419b73
SHA512

b7b6d4a31efda02261008efeefd80c87756347228501f0acbfaedbe21d0338be9aa3f92f140941a70ff01383d73ca34ff983cb439b452ad22f2e820bd7ad3b8c
SSDEEP

3072:rNbShOdVN4xg7bSnmuKh+ABqUejeuOOiO0UUY:JZKxg7bSnmuKh+ABqxORPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
357ea7f558236b21ab61e7a39ef13cfb

Files

357ea7f558236b21ab61e7a39ef13cfb
.exe windows:4 windows x86 arch:x86

d57d2322781d824f502cd2901c89d7ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xpprt1

?prepareOpStack
?ehIsError
?ehSetContext
?setjmp
?exeNativeError
?exeStackUnwind
?momSOn
?symContextInit
__vft18ConUndefinedObject10AtomObject
?conNAllocL
?passParameter
?domAssign
?momSOff
DLLCALL
?retStackItem
?conNRelease
?conNReleaseL
?frameExit
?ehUnwind
?conNewCon
?conRelease
?conNNewNil
?symRefItemConst
CURDIR
?getRFPC
LEFT
?domAdd
QOUT
ASC
?retNil
?getWFPC
SETCOLOR
INKEY
SPACE
?domValGECmp
?domValEql
__vft19ConNumericIntObject10AtomObject
__vft20ConStringConstObject10AtomObject
__vft14ConStringShort10AtomObject
_iniExitProcedureList
___iniStart
___iniGetDLLInitHook
__This_executable_needs_version_1_90_0
___xpprt1Version
APPTYPE
APPDESKTOP
?conSendItem
ACREATE
?conAssignRefWMember
APPNAME
?conNewString
SETAPPWINDOW
?domXEql
?orShortCut
?domOr
?retStackValue
ROOTCRT
__vft21ConNumericFloatObject10AtomObject
__vft14ConLogicObject10AtomObject
BREAK
?pushDynamicCodeBlock
ERRORBLOCK
WORKSPACELIST
LEN
?setSWArea
DBCOMMIT
?restWArea
DBCLOSEAREA
?ehUnsetContext
?ehGetBreakContainer
DBRROLLBACK
SET
?domGetElem
DBELOAD
?domNot
ALERT
DBEBUILD
?conMemberToItem
?andShortCut
?domAnd
DBSESSION
?domEql
ISFUNCTION
?executeMacro
AADD
EMPTY
STR
LTRIM
DOSERRORMESSAGE
ROW
COL
SETPOS
?domValXEql
_BREAK
ERRORLEVEL
_QUIT
ISMETHOD
?domInc
PROCNAME
?domAddEqu
TRIM
PROCLINE
?floadTos
CHR
STRTRAN
CONFIRMBOX
?domValGCmp
VALTYPE
PADL
TONE
OUTERR
MSGBOX
REPLICATE
DATE
TIME
VERSION
OS
VAR2CHAR
QQOUT
AEVAL
MLCOUNT
MEMOLINE
RTRIM
DLLLOAD
DLLUNLOAD
?nomClassLock
?nomClassUnlock
?retObject
?conNewNil
XBPBASEDIALOG
?conGetClass
?nomCreateClass
?nomDefineVar
?nomDefineMethod
?nomEndClassDefinition
?conNewExtObject
?nomCallInitClass
?conGetSelfClass
XBPBASECRT
XBPBASECOMBOBOX
XBPBASELISTBOX
XBPBASEPUSHBUTTON
XBPBASESPINBUTTON
XBPBASEMENUBAR
XBPBASEMENU
XBPBASESLE
XBPBASEMLE
XBPBASETREEVIEW
XBPBASETREEVIEWITEM
XBPBASE3STATE
XBPBASETABPAGE
XBPBASESCROLLBAR
XBPBASECHECKBOX
XBPBASERADIOBUTTON
XBPBASESTATIC
XBPBASEPRESSPACE
SETMOUSE
?domRefElem
ACLONE
INT
?domSub
?domNEql
BAND
AT
UPPER
ASCAN
RIGHT
SHELLLINKRESOLVE
FOPEN
FSIZE
FREADSTR
FCLOSE
SUBSTR
PCOUNT
?domLCmp
?domValNEql
GRAQUERYTEXTBOX
?conOpNewInt
L2BIN
?domMul
CONVTOANSICP
?domGCmp
SETAPPFOCUS
APPEVENT
SETAPPEVENT
EVAL
BIN2L
LOADRESOURCE
THREADID
DOSERROR
ARRAY
ERROR

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpp
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d57d2322781d824f502cd2901c89d7ef

Headers

File Characteristics

Imports

xpprt1

Sections

.text Size: 148KB - Virtual size: 148KB

.data Size: 15KB - Virtual size: 14KB

.xpp Size: 2KB - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 7KB - Virtual size: 30KB

.text
Size: 148KB - Virtual size: 148KB

.data
Size: 15KB - Virtual size: 14KB

.xpp
Size: 2KB - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 7KB - Virtual size: 30KB