8814c60757fe9760787469c74a4d0ab2

Sharing

Copy URL Twitter E-mail

General

Target

8814c60757fe9760787469c74a4d0ab2
Size

108KB
MD5

8814c60757fe9760787469c74a4d0ab2
SHA1

0dd2b1680df4abb17ac63ef6565c38461f07dcb0
SHA256

aed8d0bae88bf25dbbaeda53a32bdca66ee47ba38f0d49c93c9df080008ad6f6
SHA512

5bb9d76895d0ca98f32713d5926738e4a664fe3c3c50b319dcc80fd5b73ad1374299efadf779b9b7e66267ac15ce8d75c645c1f09209dc5a2da6341879c8f942
SSDEEP

1536:cC5m1Z5/6pkEcGEgIwyO0KFaIKhLVbBh1I/tU/Nh0WsCy8gE:cC5m1Z5gcw50kKhLRBLo+7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8814c60757fe9760787469c74a4d0ab2

Files

8814c60757fe9760787469c74a4d0ab2
.exe windows:5 windows x86 arch:x86

4d86bccb1d8097f634dce1a2afdc4024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oledlg

OleUIUpdateLinksW
OleUIPromptUserA
OleUIChangeIconA
OleUIObjectPropertiesA
OleUICanConvertOrActivateAs
OleUIBusyA
OleUIEditLinksW
OleUIObjectPropertiesW
OleUIAddVerbMenuA
OleUIChangeSourceA
OleUIConvertW
OleUIPromptUserW
OleUIBusyW
OleUIInsertObjectW
OleUIUpdateLinksA
OleUIConvertA
OleUIChangeSourceW

kernel32

SearchPathW
VirtualAlloc
SetMailslotInfo
EnumSystemCodePagesW
LoadLibraryA
_hread
CreateProcessW
GetNumaAvailableMemoryNode
LoadResource
GetExitCodeProcess
GlobalFix
WaitForSingleObject
SetVDMCurrentDirectories
GetDiskFreeSpaceA
GetProcAddress
SetConsoleTitleW
GetTickCount

msvcrt20

strtoul
difftime
__p__timezone
_wexecv
??_Gfilebuf@@UAEPAXI@Z
_adj_fdivr_m16i
vswprintf
_spawnvp
_wspawnvpe
_adj_fdivr_m32i
_ismbbpunct
??_Estreambuf@@UAEPAXI@Z
?getline@istream@@QAEAAV1@PADHD@Z
??_7strstreambuf@@6B@
?setbuf@filebuf@@UAEPAVstreambuf@@PADH@Z
__p__winver

ntdll

RtlSetControlSecurityDescriptor
RtlDeleteTimer
_itoa
ZwOpenThreadToken
RtlInitializeCriticalSection
NtRestoreKey
NtOpenEvent
abs
CsrCaptureMessageBuffer
NtRaiseHardError
RtlDeactivateActivationContext
NlsAnsiCodePage
NtSetSystemEnvironmentValueEx
ZwWaitForDebugEvent
RtlDosApplyFileIsolationRedirection_Ustr
_wcsnicmp
RtlInterlockedPopEntrySList

esent

JetSetColumn@28
JetComputeStats
JetCloseTable
JetGetCounter
JetOpenFileSectionInstance
JetUpgradeDatabase
JetStopBackupInstance
JetOSSnapshotFreeze
JetSnapshotStop
JetRollback
JetCreateInstance
JetSetCurrentIndex
JetSetSessionContext
JetGetRecordPosition
JetEndExternalBackup
JetAttachDatabase

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 228B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d86bccb1d8097f634dce1a2afdc4024

Headers

DLL Characteristics

File Characteristics

Imports

oledlg

kernel32

msvcrt20

ntdll

esent

Sections

.text Size: 35KB - Virtual size: 35KB

.data Size: 35KB - Virtual size: 35KB

.rsrc Size: 25KB - Virtual size: 25KB

.reloc Size: 228B - Virtual size: 228B

.text
Size: 35KB - Virtual size: 35KB

.data
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 25KB - Virtual size: 25KB

.reloc
Size: 228B - Virtual size: 228B