94ac74fcb2efaddf9ae8f50f8a8cfdd7c41ea0fa478a05db4fcf82f9f7992c6a

Sharing

Copy URL Twitter E-mail

General

Target

94ac74fcb2efaddf9ae8f50f8a8cfdd7c41ea0fa478a05db4fcf82f9f7992c6a
Size

1.2MB
MD5

e78d453c97d68a38e6f80307318d91f3
SHA1

6831a44ed463b5afbc12ce4592b49eaae48feb1d
SHA256

94ac74fcb2efaddf9ae8f50f8a8cfdd7c41ea0fa478a05db4fcf82f9f7992c6a
SHA512

00e6aaeb7dd579153b9354944b2384b67a4a0619edb09e7343c75aa630b6b2db06b56ac206089c8db8dca0b74615802286d8c03e333af23723f9762eb1d31dcd
SSDEEP

12288:Q62xsuz+dIoMfySCbne++ZgmCWJ3Mi1EesvxuAySjZF:Q9xzccaSL++aGJFayKZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94ac74fcb2efaddf9ae8f50f8a8cfdd7c41ea0fa478a05db4fcf82f9f7992c6a

Files

94ac74fcb2efaddf9ae8f50f8a8cfdd7c41ea0fa478a05db4fcf82f9f7992c6a
.exe windows:6 windows x64 arch:x64

87ccb27a5f42ee2283f5f2aecc2c58e4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp110

?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
?uncaught_exception@std@@YA_NXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?good@ios_base@std@@QEBA_NXZ
?_Xbad_alloc@std@@YAXXZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?width@ios_base@std@@QEAA_J_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Winerror_map@std@@YAPEBDH@Z
??0id@locale@std@@QEAA@_K@Z
?endl@std@@YAAEAV?$basic_ostream@DU?$char_traits@D@std@@@1@AEAV21@@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBAPEAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?setf@ios_base@std@@QEAAHHH@Z

msvcr110

_purecall
??3@YAXPEAX@Z
_XcptFilter
_amsg_exit
__getmainargs
__crtCapturePreviousContext
__crtTerminateProcess
__crtUnhandledException
__crt_debugger_hook
__CxxFrameHandler3
free
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtSetUnhandledExceptionFilter
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?terminate@@YAXXZ
_commode
_fmode
__initenv
__C_specific_handler
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__FrameUnwindFilter
memmove
??2@YAPEAX_K@Z
??_V@YAXPEAX@Z
printf
malloc
__CxxQueryExceptionSize
__CxxExceptionFilter
__CxxRegisterExceptionObject
__CxxDetectRethrow
__CxxUnregisterExceptionObject
_CxxThrowException
sprintf

kernel32

Sleep
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
IsDebuggerPresent
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
CloseHandle
GetLastError
CreateFileA
DeviceIoControl
DecodePointer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
EncodePointer
LocalFree

user32

wsprintfA

ole32

CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitializeEx

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringByteLen
SysStringByteLen

mscoree

_CorExeMain

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nep
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

87ccb27a5f42ee2283f5f2aecc2c58e4

Headers

DLL Characteristics

File Characteristics

Imports

msvcp110

msvcr110

kernel32

user32

ole32

oleaut32

mscoree

Sections

.text Size: 27KB - Virtual size: 27KB

.nep Size: 512B - Virtual size: 320B

.rdata Size: 50KB - Virtual size: 50KB

.data Size: 1024B - Virtual size: 3KB

.pdata Size: 512B - Virtual size: 396B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1.1MB - Virtual size: 1.1MB

.text
Size: 27KB - Virtual size: 27KB

.nep
Size: 512B - Virtual size: 320B

.rdata
Size: 50KB - Virtual size: 50KB

.data
Size: 1024B - Virtual size: 3KB

.pdata
Size: 512B - Virtual size: 396B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1.1MB - Virtual size: 1.1MB