89b648751346dba4a9089a84f801a05d

Sharing

Copy URL

Twitter E-mail

General

Target

89b648751346dba4a9089a84f801a05d
Size

248KB
MD5

89b648751346dba4a9089a84f801a05d
SHA1

1ea7a06e2a0ac3d6c3391bbda697d73b52da3bab
SHA256

3ab004eb94aef7dd8ae80a6619a86507f6161c6a102e1f3faa114ff3d3a2c218
SHA512

3c2dbb2a8595e720262bcbccb068d7e6f5decf46a9a60eadf6d20dfa6161dfc12992e2d1701f105577e31a18c8c979d1b61067ab327db915382e308fd3c8359d
SSDEEP

6144:SdPKzhTpU9R4cOqjlQuIm3U2gTrNZgJumX2G:sKzhTWkc1lQnTuumX2G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89b648751346dba4a9089a84f801a05d

Files

89b648751346dba4a9089a84f801a05d
.exe windows:4 windows x86 arch:x86

0ad92caf544117c63b3039d1ad9f365f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

vsprintf
_amsg_exit
_initterm
_XcptFilter
_errno
__CxxFrameHandler
_splitpath
_stricmp
ctime
memcpy
srand
rand
time
localtime
toupper
strncmp
calloc
malloc
swprintf
_wcsicmp
free
wcsncpy
_purecall
strstr
_strupr
_CxxThrowException
memmove
_snprintf
strncpy
sprintf
fopen
fprintf
fflush
fread
fseek
ftell
wcsstr
fclose
printf
memset

kernel32

IsBadCodePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlUnwind
CreateThread
GetLogicalDrives
QueryDosDeviceA
VirtualAlloc
GetFileTime
DeleteFileA
SystemTimeToFileTime
FindFirstFileA
FindNextFileA
FindClose
GetFullPathNameA
FlushFileBuffers
VirtualFree
WaitForSingleObject
ResetEvent
CreateEventA
GetSystemTime
WriteFile
GetTimeZoneInformation
SetFilePointer
ReadFile
GetFileSize
DuplicateHandle
FileTimeToSystemTime
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateFileA
DeviceIoControl
CloseHandle
GetModuleHandleA
FreeLibrary
OutputDebugStringA
LoadLibraryA
GetProcAddress

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

GetProcessWindowStation
GetUserObjectInformationA
MessageBoxA

ole32

CoUninitialize
CoInitialize

w32topl

ToplListCreate

iassam

IASParmsQueryUserProperty
DllRegisterServer

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.IWi
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Wo
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SLB
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Nml
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wFHy
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 213KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xhuv
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ad92caf544117c63b3039d1ad9f365f

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

ole32

w32topl

iassam

Sections

.text Size: 18KB - Virtual size: 17KB

.IWi Size: 1KB - Virtual size: 2KB

.Wo Size: 1KB - Virtual size: 1KB

.SLB Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.Nml Size: 2KB - Virtual size: 2KB

.wFHy Size: 1KB - Virtual size: 1KB

.data Size: 213KB - Virtual size: 376KB

.xhuv Size: 1KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 18KB - Virtual size: 17KB

.IWi
Size: 1KB - Virtual size: 2KB

.Wo
Size: 1KB - Virtual size: 1KB

.SLB
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.Nml
Size: 2KB - Virtual size: 2KB

.wFHy
Size: 1KB - Virtual size: 1KB

.data
Size: 213KB - Virtual size: 376KB

.xhuv
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 3KB