7ae76e0c0839d945eeacf9810c51da54cad80be85eea05848d5495329acff5e7

Sharing

Copy URL Twitter E-mail

General

Target

7ae76e0c0839d945eeacf9810c51da54cad80be85eea05848d5495329acff5e7
Size

1.0MB
MD5

db411850e570d41a0eb2866705a5a98f
SHA1

19334709b391a947ecb5c6eadb466e544d09f9fc
SHA256

7ae76e0c0839d945eeacf9810c51da54cad80be85eea05848d5495329acff5e7
SHA512

ac6ce05229878947837b93a38f728dd80b44c9f87b866e96fff610ffbd9a8a0af2333933202abd0a830a24b025766781ad4b5e3d02e08e2010080bf16391b265
SSDEEP

6144:09UHkK5zagpqyf6XTWOVbEhGNKee5kLLq37gK6bCZ0HhM0x/D:09UHkK52wu7uhyKgLLqr0bCZ0Hhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ae76e0c0839d945eeacf9810c51da54cad80be85eea05848d5495329acff5e7

Files

7ae76e0c0839d945eeacf9810c51da54cad80be85eea05848d5495329acff5e7
.exe windows:4 windows x86 arch:x86

e69fdc00ec3e5715fdf54c82ff8cf18c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

adac20b

DACSESSION

xpprt1

?prepareOpStack
?ehIsError
?ehSetContext
?setjmp
?exeNativeError
?exeStackUnwind
?momSOn
?symContextInit
__vft18ConUndefinedObject10AtomObject
?conNAllocL
?momSOff
SET
?symPublicConst
?conSendItem
?domAssign
ARRAY
?getRFPC
VAL
?retNil
?conNRelease
?conNReleaseL
?frameExit
?ehUnwind
?conOpNewInt
?symRefItemConst
DBELOAD
SETAPPWINDOW
ACREATE
?conAssignRefWMember
?pushCodeBlock
__vft14ConLogicObject10AtomObject
?conMemberToItem
APPEVENT
?domValXEql
?domGetElem
POSTAPPEVENT
?passParameter
?retStackItem
__vft19ConNumericIntObject10AtomObject
__vft21ConNumericFloatObject10AtomObject
__vft20ConStringConstObject10AtomObject
__vft14ConStringShort10AtomObject
?nomClassLock
?nomClassUnlock
?retObject
?conNewNil
?conGetClass
?nomCreateClass
?nomDefineMethod
?nomEndClassDefinition
?conNewExtObject
?nomCallInitClass
?conRelease
?conGetSelfClass
VALTYPE
EVAL
?nomDefineVar
?conNewCon
?domRefElem
?domValGCmp
TRANSFORM
?domAdd
?domAddEqu
SELECT
INDEXORD
DBSELECTAREA
ORDSETFOCUS
DBGOTOP
EOF
?domNot
?retStackValue
?domInc
FIELDGET
AADD
DBSKIP
DBUSEAREA
LASTREC
STRZERO
DBCLOSEAREA
DBSETORDER
SETAPPFOCUS
?domValLCmp
?domValNEql
AEVAL
ASORT
UPPER
LEFT
ASCAN
MSGBOX
RIGHT
?domLCmp
?domGCmp
?conNewString
NETERR
ALLTRIM
?domValLECmp
ACLONE
STR
?getWFPC
DBEVAL
?domSub
PADR
?domSubEqu
DATE
DTOC
?domMul
?domValGECmp
?domXEql
?domPostInc
AT
STRTRAN
CHR
LEN
DLLLOAD
CONFIRMBOX
_QUIT
VAR2CHAR
LTRIM
DTOS
DLLCALL
?conNNewNil
REPLICATE
SUBSTR
BIN2L
?domExp
APPNAME
CURDRIVE
CURDIR
ERRORBLOCK
?executeMacro
?andShortCut
?domNEql
?domAnd
LOADRESOURCE
?domGECmp
MEMOREAD
DBESETDEFAULT
DBSETINDEX
DBSEEK
ORDLISTADD
APPDESKTOP
VERSION
MEMORY
DBCOMMITALL
DBCLOSEALL
FOPEN
FERROR
?domDiv
XBPBITMAP
RTRIM
BAND
GRABOX
GRAQUERYTEXTBOX
GRASTRINGAT
GRALINE
?nomDefineVarMethod
ISMETHOD
EMPTY
?orShortCut
?domOr
RAT
INT
GRAPOS
?domEql
?domSubStr
ISFUNCTION
?domValSubStr
?domValEql
ABS
MAX
GRAARC
GRASPLINE
GRAMARKER
ISMEMBERVAR
?domLECmp
ROUND
XBPFONT
XBPPRINTER
MIN
GRASEGOPEN
GRASEGCLOSE
GRASEGDRAW
_iniExitProcedureList
___iniStart
___iniGetDLLInitHook
__This_executable_needs_version_1_90_0
___xpprt1Version
DLLUNLOAD
XBPBASEDIALOG
XBPBASECRT
XBPBASECOMBOBOX
XBPBASELISTBOX
XBPBASEPUSHBUTTON
XBPBASESPINBUTTON
XBPBASEMENUBAR
XBPBASEMENU
XBPBASESLE
XBPBASEMLE
XBPBASETREEVIEW
XBPBASETREEVIEWITEM
XBPBASE3STATE
XBPBASETABPAGE
XBPBASESCROLLBAR
XBPBASECHECKBOX
XBPBASERADIOBUTTON
XBPBASESTATIC
XBPBASEPRESSPACE
SETMOUSE
?pushDynamicCodeBlock
SHELLLINKRESOLVE
FSIZE
FREADSTR
FCLOSE
PCOUNT
L2BIN
CONVTOANSICP
SETAPPEVENT
FIELDPOS
BREAK
?ehUnsetContext
?ehGetBreakContainer
FCOUNT
FIELDPUT
PROCNAME
THREADID
DOSERROR
ERROR
WORKSPACELIST
?setSWArea
DBCOMMIT
?restWArea
DBRROLLBACK
ALERT
DBEBUILD
DBSESSION
DOSERRORMESSAGE
APPTYPE
ROW
COL
SETPOS
_BREAK
ERRORLEVEL
TRIM
PROCLINE
?floadTos
ROOTCRT
PADL
TONE
QOUT
OUTERR
TIME
OS
SPACE
QQOUT
MLCOUNT
MEMOLINE

xppdbgc

__XPPdbgClient

xppui2

XBPCOLUMN
XBPBROWSE
XBPPRINTDIALOG

Sections

.text
Size: 782KB - Virtual size: 781KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpp
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e69fdc00ec3e5715fdf54c82ff8cf18c

Headers

File Characteristics

Imports

adac20b

xpprt1

xppdbgc

xppui2

Sections

.text Size: 782KB - Virtual size: 781KB

.data Size: 94KB - Virtual size: 93KB

.xpp Size: 4KB - Virtual size: 3KB

.idata Size: 6KB - Virtual size: 5KB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 33KB - Virtual size: 33KB

.text
Size: 782KB - Virtual size: 781KB

.data
Size: 94KB - Virtual size: 93KB

.xpp
Size: 4KB - Virtual size: 3KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 33KB - Virtual size: 33KB