a61916c3417fcd509ad34bf63418cb55685cba9c0bf506f6798b6164bce86d9f

Sharing

Copy URL Twitter E-mail

General

Target

a61916c3417fcd509ad34bf63418cb55685cba9c0bf506f6798b6164bce86d9f
Size

1.6MB
MD5

6f47605ac819ec8a3c597aa1477c50f3
SHA1

dd67f00dd8668071b0b46a1ff54c24c9c795ace4
SHA256

a61916c3417fcd509ad34bf63418cb55685cba9c0bf506f6798b6164bce86d9f
SHA512

1dcbf7f9dd84664c2607880fd148b31a7597943e8466e3eafdc0e027a7ef000ea0aed658cf46cac960bec930de73adb47af0d638870dc88a18c76577f4326ac8
SSDEEP

12288:OLJtGRMkvOPn2onWTbi/rQ+CJgJAZ7UQI06qZRs9ottwNvmtmKnpQjMz3v:OLzSNGOBH2E9GQFJZRCawNmtvejMz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a61916c3417fcd509ad34bf63418cb55685cba9c0bf506f6798b6164bce86d9f

Files

a61916c3417fcd509ad34bf63418cb55685cba9c0bf506f6798b6164bce86d9f
.exe windows:5 windows x86 arch:x86

b6080117838e13a09861f48b09a14ed1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

libiap

?SetCallBackReceiveMsg@@YGXP6AXPADH@Z@Z
?SetTDDIAPCheckStatusMode@CIAP_Lib@@QAEXH@Z
?SetIgnoreValidRemarkNewRule@CIAP_Lib@@QAEX_N@Z
?SetIgnoreValidInfoPage@CIAP_Lib@@QAEX_N@Z
?SetIgnoreValidLastPage@CIAP_Lib@@QAEX_N@Z
?Connect@CIAP_Lib@@QAEHXZ
?disconnect@CIAP_Lib@@QAEXXZ
?Execute@CIAP_Lib@@QAEHXZ
?UnConfigureElanBridge@CIAP_Lib@@QAEXXZ
?ConfigureElanBridge@CIAP_Lib@@QAEXXZ
?SetParams@CIAP_Lib@@QAEXPAVCIIapParam@@PAEH@Z
?GetIAPLibVer@CIAP_Lib@@QAE_NPADH@Z
??1CIAP_Lib@@QAE@XZ
??0CIAP_Lib@@QAE@XZ

kernel32

TerminateProcess
SetEnvironmentVariableA
OutputDebugStringW
ReadConsoleW
SetStdHandle
WriteConsoleW
LoadLibraryExW
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
Sleep
GetModuleFileNameA
SetCurrentDirectoryA
SetConsoleTitleA
GetLastError
GetLocalTime
FormatMessageA
CreateDirectoryA
DeleteFileA
GetStdHandle
GetTickCount
GetConsoleScreenBufferInfo
SetConsoleCursorPosition
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
SetEndOfFile
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapSize
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCurrentThreadId
CreateFileW
CloseHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetFileType
ReadFile
SetFilePointerEx
GetProcessHeap
GetFileAttributesExW
GetModuleFileNameW
QueryPerformanceCounter

Exports

Exports

??4CIAP_Lib@@QAEAAV0@ABV0@@Z

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b6080117838e13a09861f48b09a14ed1

Headers

DLL Characteristics

File Characteristics

Imports

libiap

kernel32

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 127KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 128KB - Virtual size: 127KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB