1935bea978c5528efd9893c8bf006b3f

Sharing

Copy URL

Twitter E-mail

General

Target

1935bea978c5528efd9893c8bf006b3f
Size

849KB
MD5

1935bea978c5528efd9893c8bf006b3f
SHA1

b0f7001bcbdba37628519500c4c724073f5b6e91
SHA256

52c4a6c219b074e172658fc8f56c79648e86f66d1d3dcbe540c0bca583560a18
SHA512

0a5f0f290b3ea2241d07c6adfa0b8273ed42a1f200e6cb5600b94baefcc4a8f24a6e10a18c1c621fc5964e17f172dcd2298383e2207d2e2daf5049911193fbf7
SSDEEP

24576:v6XNUWQ1eoqyOMOJgRh+eI5HheqWjekSB:v6XNUWeHqymjR8qjkSB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1935bea978c5528efd9893c8bf006b3f

Files

1935bea978c5528efd9893c8bf006b3f
.exe windows:5 windows x86 arch:x86

206140935194c2f3ed435151a8ce19d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

perfctrs

CloseNWNBPerformanceData
OpenSPXPerformanceData
CloseIPXPerformanceData
OpenNbfPerformanceData
CollectSPXPerformanceData
OpenNWNBPerformanceData
CloseDhcpPerformanceData
CollectTcpIpPerformanceData
CollectDhcpPerformanceData
CloseTcpIpPerformanceData
OpenIPXPerformanceData
CollectNbfPerformanceData
CollectIPXPerformanceData
CloseSPXPerformanceData
CollectNWNBPerformanceData
OpenTcpIpPerformanceData
OpenDhcpPerformanceData
CloseNbfPerformanceData

sqlunirl

_IsDialogMessage@8
_CreateNamedPipe_@32
_PageSetupDlg_@4
_CreateColorSpace_@4
_CommConfigDialog_@12
_GetFileVersionInfo_@16
_NDdeShareAdd_@20
_CreateMetaFile_@4
_LookupAccountSid_@28
__lwrite_@12
_DispatchMessage_@4
_GetCurrentDirectory_@8
_RegisterClassEx_@4
_CreateFile@28
_GlobalFindAtom_@4
_ShellAbout_@16
_TabbedTextOut_@32
_lstrcat_@8

kernel32

GetGeoInfoA
DeleteFileA
GetTimeFormatA
FindFirstVolumeW
GetDevicePowerState
AddVectoredExceptionHandler
GetNumaAvailableMemoryNode
GlobalLock
WritePrivateProfileStringW
GetEnvironmentStringsW
VirtualAlloc
GlobalHandle
WriteFileGather
LoadLibraryA
SetCommTimeouts
FatalExit
SetConsoleMaximumWindowSize
GlobalUnfix
RegisterWaitForSingleObjectEx
UpdateResourceA
FileTimeToDosDateTime
GetProfileSectionW

shlwapi

StrIsIntlEqualA
PathIsLFNFileSpecA
StrTrimA
wvnsprintfA
StrFromTimeIntervalA
PathUnmakeSystemFolderW
PathIsUNCServerShareA
StrCatW
PathCombineA
PathIsSameRootA
PathFindExtensionA
SHGetValueA
PathCreateFromUrlW
UrlCreateFromPathW
StrCatBuffA
PathGetCharTypeA
PathCanonicalizeW
PathIsRelativeW

Sections

.text
Size: 726KB - Virtual size: 725KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

206140935194c2f3ed435151a8ce19d1

Headers

DLL Characteristics

File Characteristics

Imports

perfctrs

sqlunirl

kernel32

shlwapi

Sections

.text Size: 726KB - Virtual size: 725KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 3KB - Virtual size: 1.4MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 726KB - Virtual size: 725KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 3KB - Virtual size: 1.4MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB