400167d713b96bc6c43400f65983cf8e1b92dbc782251e65ed4781444cfcf422

General

Target

400167d713b96bc6c43400f65983cf8e1b92dbc782251e65ed4781444cfcf422
Size

20KB
MD5

ae6ccb381192a0e59e3e68f2e56adf23
SHA1

0a60600f54d936363f22d93df86f0e68dda22797
SHA256

400167d713b96bc6c43400f65983cf8e1b92dbc782251e65ed4781444cfcf422
SHA512

8397bf3df17853a83f480a307aec431f7fc16e9ef8f912cb4f36d8c49830bf8d00828045472bd546c4389e06242455e74f5ade77d599c61189acc4f84705b017
SSDEEP

192:nEjvGtASUvZ6AOkQFubSHhczDwVKFjS7ZbTQpjAzV7gKRb5nkYzJzgqr1k:EKrQSkET2SJTQc7l9Mqh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
400167d713b96bc6c43400f65983cf8e1b92dbc782251e65ed4781444cfcf422

Files

400167d713b96bc6c43400f65983cf8e1b92dbc782251e65ed4781444cfcf422
.dll windows:1 windows x86 arch:x86

c0eaf8eb3d77a57138b2b66cbf11ceac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

cw3220mt

__ExceptionHandler
__ErrorMessage
__Return_unwind
__startupd
__free_heaps
___debuggerDisableTerminateCallback
_flushall
__startup
_abort
@$bdele$qpv
@$bdla$qpv
@$bnew$qui
@_CatchCleanup$qv
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
@string@$bdtr$qv
@string@compare$xqrx6string
@xmsg@$bctr$qrx4xmsg
@xmsg@$bdtr$qv
__ErrorExit

kernel32

GetModuleHandleA
GetVersion
GetProcAddress

aciscc32

@TSCCore@PutStr$qqspxct1i
@TSCCore@GetStr$qqspxc
@TSCCore@PutRequest$qqspxct1t1t1
@TSCCore@$bdtr$qv
@TSCCore@IsTagEmpty$qqspxc
@TSCCore@$bctr$qqspvp11HINSTANCE__pxcsppqqsp7TSCCorepxc$vppqqsp7TSCCorepx10TACI_FIELDt2xul$px10TACI_FIELDt5t5ppqqsp7TSCCorepxct2$v

user32

MessageBoxA

Exports

Exports

ASC_DestroySCL
ASC_InitializeSCL
__DebuggerHookData

Sections

CODE
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0eaf8eb3d77a57138b2b66cbf11ceac

Headers

File Characteristics

Imports

cw3220mt

kernel32

aciscc32

user32

Exports

Exports

Sections

CODE Size: 6KB - Virtual size: 8KB

DATA Size: 3KB - Virtual size: 4KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 4KB

CODE
Size: 6KB - Virtual size: 8KB

DATA
Size: 3KB - Virtual size: 4KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 4KB