Static task
static1
Behavioral task
behavioral1
Sample
81cf1e41e8f40d2b588e26e20dc444d823765e18b119a7039e469d484e158eb3.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
81cf1e41e8f40d2b588e26e20dc444d823765e18b119a7039e469d484e158eb3.exe
Resource
win10v2004-20231222-en
General
-
Target
81cf1e41e8f40d2b588e26e20dc444d823765e18b119a7039e469d484e158eb3
-
Size
35KB
-
MD5
4cd7b93d7e54f71591971f21fc37eb29
-
SHA1
2d8a3563fd83b2dcd25fab6cbc86c0def91d5e04
-
SHA256
81cf1e41e8f40d2b588e26e20dc444d823765e18b119a7039e469d484e158eb3
-
SHA512
e00ab8128e84297ead7f00ebb266d20e0676075eed1f8c7167ad23526c0e1bc8f7a5da7ecdf13800d8a061d1ba7dfce8ea8fbd678d2aa4dd6c40d36591bd545a
-
SSDEEP
384:nQ2UFT4oRDM7B2kizxpxFzOk6Gu5CKD+uY2KDttKDYst1d13e3MwAbu4tLKpY05c:nWT4aDMUZFlzO8Wkx7oucwAbHLK9fYTL
Malware Config
Signatures
-
Unsigned PE 1 IoCs
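Checks for a missing Authenticode signature; the sample carries none. On its own an unsigned PE is a weak indicator and should be weighed together with the import, header and behavioral findings.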
resource 81cf1e41e8f40d2b588e26e20dc444d823765e18b119a7039e469d484e158eb3
Files
-
81cf1e41e8f40d2b588e26e20dc444d823765e18b119a7039e469d484e158eb3.exe windows:5 windows x86 arch:x86
f085ed73ec937966e21c40847761eafe
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mfc90u
ord2537
ord2326
ord4448
ord4423
ord6801
ord4173
ord6803
ord4747
ord2251
ord2206
ord6035
ord4179
ord1048
ord5548
ord6741
ord5830
ord4213
ord2087
ord3217
ord5674
ord5676
ord2447
ord4347
ord4996
ord5680
ord5663
ord6018
ord2771
ord2983
ord4728
ord2966
ord3115
ord2774
ord2893
ord2764
ord4080
ord1183
ord4081
ord4071
ord2891
ord4348
ord4905
ord4681
ord3670
ord1182
ord280
ord6171
ord2694
ord813
ord286
ord782
ord580
ord600
ord296
ord794
ord589
ord1137
ord1272
ord1250
ord1248
ord4967
ord3112
ord4043
ord801
msvcr90
__CxxFrameHandler3
_wcmdln
_CxxThrowException
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_controlfp_s
_invoke_watson
_except_handler4_common
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_except_handler3
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
wcschr
_wcsicmp
_wtoi
memmove
kernel32
HeapFree
GetProcessHeap
FormatMessageW
GetCurrentProcess
SetLastError
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
GetLastError
GetTickCount
LocalFree
LoadLibraryExW
LocalAlloc
FreeLibrary
OutputDebugStringA
GetModuleFileNameW
LoadLibraryW
GetFileAttributesW
GetVersion
GetProcAddress
GetModuleHandleW
GetModuleHandleA
ole32
CoInitializeSecurity
CoUninitialize
CoInitialize
CoCreateInstance
oleaut32
GetErrorInfo
SysAllocString
SysFreeString
SysStringLen
CreateErrorInfo
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ