89c26e8fa366758abc3e579744fcf86c

General

Target

89c26e8fa366758abc3e579744fcf86c
Size

267KB
MD5

89c26e8fa366758abc3e579744fcf86c
SHA1

e3b1cb280cf279309d068773883c692b1d53a510
SHA256

69827578d035c580b77c148f70d1d79d4cc2583cb0711e649530113c78320606
SHA512

9b59a65754603ca1213e7fccf152a8f7021d50e212ae6552c8ad0201ea95595dad92d0d98d21c612082b0ed8b4ce7c51b967b037bb16def1ae7764bf556a182f
SSDEEP

6144:ELvrflu0+DidH11iPVEAzuADJJFXaHiuLU2:CaVsiT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89c26e8fa366758abc3e579744fcf86c

Files

89c26e8fa366758abc3e579744fcf86c
.exe windows:6 windows x86 arch:x86

eadb5998577209b842f9333128fda99e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\wrappers_project\objfre_wxp_x86\i386\wrapper.pdb

Imports

kernel32

OutputDebugStringA
VirtualAlloc
GetCurrentProcess
VirtualProtect
UnmapViewOfFile
MapViewOfFile
GetLastError
CloseHandle
CreateFileMappingA
CreateFileA
GetModuleHandleA
GetComputerNameA
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
RtlUnwind
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcp60

??1_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ

msvcrt

??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
malloc
_callnewh
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__fmode
__set_app_type
_unlock
__dllonexit
_lock
_onexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_controlfp
calloc
free
memset
strncpy
memcpy
__p__commode

psapi

GetModuleFileNameExA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 254KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eadb5998577209b842f9333128fda99e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcp60

msvcrt

psapi

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 254KB - Virtual size: 255KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 254KB - Virtual size: 255KB

.reloc
Size: 2KB - Virtual size: 1KB