ea244c7189064c2217390d010d83ab1497fae446e231172e6908c54201384aa5

Sharing

Copy URL

Twitter E-mail

General

Target

ea244c7189064c2217390d010d83ab1497fae446e231172e6908c54201384aa5
Size

51KB
MD5

92adf81b5747677788632538e3667963
SHA1

15669f2e57e6cbbd3fe5e3eeb6992e82515c72aa
SHA256

ea244c7189064c2217390d010d83ab1497fae446e231172e6908c54201384aa5
SHA512

4b11315e3759d608820faa24d5fde513314bcb49c9ff52082ef4d3db32a515d0ea0c48a3acd73fb3520a880c911899bdb5f7e52d9b0680b0f268e7f6c2815c04
SSDEEP

768:+CVpu3nD89u6v6ADlFKaQOZIjQwTk8k6ryeUIDMGus06H/Yfj4xU+:+CVwXD89uWV3bX2TVyhIDMGn0Bfa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea244c7189064c2217390d010d83ab1497fae446e231172e6908c54201384aa5

Files

ea244c7189064c2217390d010d83ab1497fae446e231172e6908c54201384aa5
.exe windows:6 windows x64 arch:x64

e2b552bf12b84b6b641f93f8b16200ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

openms

?store@MzQCFile@OpenMS@@QEBAXAEBVString@2@0AEBVMSExperiment@2@0000AEBVFeatureMap@2@AEAV?$vector@VProteinIdentification@OpenMS@@V?$allocator@VProteinIdentification@OpenMS@@@std@@@std@@AEAV?$vector@VPeptideIdentification@OpenMS@@V?$allocator@VPeptideIdentification@OpenMS@@@std@@@7@@Z
?getConsistentOutputfileType@FileHandler@OpenMS@@SA?AW4Type@FileTypes@2@AEBVString@2@0@Z
??0FeatureXMLFile@OpenMS@@QEAA@XZ
??1FeatureXMLFile@OpenMS@@UEAA@XZ
?load@FeatureXMLFile@OpenMS@@QEAAXAEBVString@2@AEAVFeatureMap@2@@Z
??0IdXMLFile@OpenMS@@QEAA@XZ
?load@IdXMLFile@OpenMS@@QEAAXAEBVString@2@AEAV?$vector@VProteinIdentification@OpenMS@@V?$allocator@VProteinIdentification@OpenMS@@@std@@@std@@AEAV?$vector@VPeptideIdentification@OpenMS@@V?$allocator@VPeptideIdentification@OpenMS@@@std@@@5@@Z
?store@QcMLFile@OpenMS@@QEBAXAEBVString@2@@Z
??0ConsensusMap@OpenMS@@QEAA@XZ
??1ConsensusMap@OpenMS@@UEAA@XZ
??0ConsensusXMLFile@OpenMS@@QEAA@XZ
??1ConsensusXMLFile@OpenMS@@UEAA@XZ
?load@ConsensusXMLFile@OpenMS@@QEAAXAEBVString@2@AEAVConsensusMap@2@@Z
?getSubsectionDefaults_@TOPPBase@OpenMS@@EEBA?AVParam@2@AEBVString@2@@Z
??1MSExperiment@OpenMS@@UEAA@XZ
?sortSpectra@MSExperiment@OpenMS@@QEAAX_N@Z
?collectQCData@QcMLFile@OpenMS@@QEAAXAEAV?$vector@VProteinIdentification@OpenMS@@V?$allocator@VProteinIdentification@OpenMS@@@std@@@std@@AEAV?$vector@VPeptideIdentification@OpenMS@@V?$allocator@VPeptideIdentification@OpenMS@@@std@@@4@AEBVFeatureMap@2@AEBVConsensusMap@2@AEBVString@2@_NAEBVMSExperiment@2@@Z
??1QcMLFile@OpenMS@@UEAA@XZ
??0QcMLFile@OpenMS@@QEAA@XZ
?load@MzMLFile@OpenMS@@QEAAXAEBVString@2@AEAVMSExperiment@2@@Z
??1MzMLFile@OpenMS@@UEAA@XZ
??0MzMLFile@OpenMS@@QEAA@XZ
?updateRanges@FeatureMap@OpenMS@@UEAAXXZ
?sortByRT@FeatureMap@OpenMS@@QEAAXXZ
??1FeatureMap@OpenMS@@UEAA@XZ
??0FeatureMap@OpenMS@@QEAA@XZ
?updateRanges@MSExperiment@OpenMS@@UEAAXXZ
??0MSExperiment@OpenMS@@QEAA@XZ
?getFlag_@TOPPBase@OpenMS@@IEBA_NAEBVString@2@@Z
?getStringOption_@TOPPBase@OpenMS@@IEBA?AVString@2@AEBV32@@Z
?registerFlag_@TOPPBase@OpenMS@@IEAAXAEBVString@2@0_N@Z
?setValidFormats_@TOPPBase@OpenMS@@IEAAXAEBVString@2@AEBV?$vector@VString@OpenMS@@V?$allocator@VString@OpenMS@@@std@@@std@@_N@Z
??0String@OpenMS@@QEAA@AEBV01@@Z
?registerOutputFile_@TOPPBase@OpenMS@@IEAAXAEBVString@2@000_N1@Z
?registerInputFile_@TOPPBase@OpenMS@@IEAAXAEBVString@2@000_N1AEBV?$vector@VString@OpenMS@@V?$allocator@VString@OpenMS@@@std@@@std@@@Z
?setValidStrings_@TOPPBase@OpenMS@@IEAAXAEBVString@2@AEBV?$vector@VString@OpenMS@@V?$allocator@VString@OpenMS@@@std@@@std@@@Z
?registerStringOption_@TOPPBase@OpenMS@@IEAAXAEBVString@2@000_N1@Z
?main@TOPPBase@OpenMS@@QEAA?AW4ExitCodes@12@HPEAPEBD@Z
??1TOPPBase@OpenMS@@UEAA@XZ
??0TOPPBase@OpenMS@@QEAA@AEBVString@1@0_NAEBV?$vector@UCitation@OpenMS@@V?$allocator@UCitation@OpenMS@@@std@@@std@@1@Z
?split@String@OpenMS@@QEBA_NDAEAV?$vector@VString@OpenMS@@V?$allocator@VString@OpenMS@@@std@@@std@@_N@Z
??0String@OpenMS@@QEAA@PEBD@Z
??1IdXMLFile@OpenMS@@UEAA@XZ

msvcp140

?uncaught_exception@std@@YA_NXZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

memcpy
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__current_exception
__current_exception_context
__C_specific_handler

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_c_exit
exit
_configure_narrow_argv
_initterm_e
__p___argv
__p___argc
_register_thread_local_exe_atexit_callback
_initialize_onexit_table
terminate
_invalid_parameter_noinfo_noreturn
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_exit

api-ms-win-crt-heap-l1-1-0

malloc
free
_set_new_mode
_callnewh

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2b552bf12b84b6b641f93f8b16200ff

Headers

DLL Characteristics

File Characteristics

Imports

openms

msvcp140

vcruntime140

vcruntime140_1

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

kernel32

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 2KB - Virtual size: 3KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 228B

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 228B