7ffe3dad9be1c26a3e85aa59a6ea1359

Sharing

Copy URL

Twitter E-mail

General

Target

7ffe3dad9be1c26a3e85aa59a6ea1359
Size

85KB
MD5

7ffe3dad9be1c26a3e85aa59a6ea1359
SHA1

3a142968953bd8f97f819bf57f7602805bfbe52b
SHA256

218d01f5678a1f895b9b11836fa7dc633b0ad87a6710c725310bfd8342388f39
SHA512

7c1fc8a63777f69249b61127f940f2d97fefbe79e4c9d3d89e73e49a74e49d9ad61ec284db6e38b837c3d88b7288e8e94eee2a500d580027779ccb9d0cc0d298
SSDEEP

1536:rYLt8K48gaWdvfPjO9U7q0PtQwKo4ighI7a30phNy+A+50e++ex9Czrp54PZ6KtY:rHK48gBXa9ppThia30phzzvvKtY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ffe3dad9be1c26a3e85aa59a6ea1359

Files

7ffe3dad9be1c26a3e85aa59a6ea1359
.exe windows:5 windows x86 arch:x86

ab6bdb08a63613a3dae0fd246f3ed250

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__dllonexit
_ismbcupper
__p___argc
__p__dstbias
_except_handler2
_wmkdir
_Getdays
ldexp
__set_app_type
sprintf
__DestructExceptionObject
wcstombs
putwc
__getmainargs
_wcsnicoll
_initterm
_CIcosh
_lrotr
_wstati64
_locking
_ftime
_unlock
_i64toa
srand
??_E__non_rtti_object@@UAEPAXI@Z
_mbsspn
__p__commode
_heapwalk
?set_terminate@@YAP6AXXZP6AXXZ@Z
remove
_CIpow
_purecall
ungetwc

polstore

IPSecUnassignPolicy
IPSecFreeNFAData
IPSecFreePolStr
IPSecEnumISAKMPData
IPSecCopyPolicyData
IPSecFreeISAKMPData
IPSecSetNFAData
IPSecGetNegPolData
IPSecEnumPolicyData
IPSecFreeMulNFAData
IPSecCopyNegPolData
IPSecAllocPolMem
IPSecAllocPolStr
IPSecEnumNFAData
IPSecCopyAuthMethod
IPSecExportPolicies
IPSecFreeMulISAKMPData
IPSecCopyFilterSpec
IPSecGetISAKMPData
IPSecFreeFilterData
IPSecCopyNFAData
IPSecDeleteNegPolData
IPSecCreateNFAData

kernel32

GetLastError
QueryDosDeviceW
GetFileAttributesA
InterlockedPopEntrySList
CmdBatNotification
GlobalMemoryStatus
FreeEnvironmentStringsA
GetSystemWindowsDirectoryW
GenerateConsoleCtrlEvent
DnsHostnameToComputerNameA
GetExitCodeProcess
GetTickCount
GetFileTime
FindFirstFileA
GetCurrentProcessId
EnumResourceNamesA
FillConsoleOutputCharacterA
GetCommConfig
OpenWaitableTimerA
GetLargestConsoleWindowSize
SetConsoleCursorInfo
AreFileApisANSI
FindFirstVolumeA
ReadFile
SetHandleCount
CreateJobObjectA
EnumResourceLanguagesA
_llseek
HeapCreate
SetFilePointer
EnumSystemLocalesA
GetConsoleCursorMode
VirtualAlloc
GetStartupInfoA
EnumResourceNamesW
LCMapStringW
GetCurrentThreadId
DisconnectNamedPipe
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetProcessShutdownParameters
LoadLibraryA
InitializeSListHead
FlushFileBuffers
QueueUserAPC

wldap32

ber_printf
ldap_control_freeW
ldap_modify_ext_sW
ldap_encode_sort_controlA
ldap_search_sA
cldap_open
ldap_get_values
ldap_modify_ext
ldap_parse_extended_resultW
ldap_sasl_bindA
ldap_modify
ldap_compare
ldap_openA
ldap_search_stA
ldap_parse_sort_controlA
ldap_count_valuesW
ldap_get_next_page
ldap_first_reference
ber_peek_tag
ldap_next_attributeW
LdapUTF8ToUnicode
ldap_modrdn2A

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab6bdb08a63613a3dae0fd246f3ed250

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

polstore

kernel32

wldap32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 18KB - Virtual size: 48KB

.rsrc Size: 19KB - Virtual size: 19KB

.reloc Size: 512B - Virtual size: 280B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 18KB - Virtual size: 48KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 512B - Virtual size: 280B