a7104b687a78df51b229d58abe7692facca0db14ddb79a524f114417ab49b444

Sharing

Copy URL Twitter E-mail

General

Target

a7104b687a78df51b229d58abe7692facca0db14ddb79a524f114417ab49b444
Size

7.1MB
MD5

dac4bf36c9fc72a6f161cbc8e1e2917f
SHA1

ff6d5cccd5c66be6303780567fdda2c54354fb49
SHA256

a7104b687a78df51b229d58abe7692facca0db14ddb79a524f114417ab49b444
SHA512

66deb81c6836641a1ab3578db041cf4b191822577dd3a795fcf25de0d466f69d00cc5c1ec63ae46a4c88d96b95a4e5c9fdbd5f6332e200eacafca34188d2fc66
SSDEEP

98304:M/7t0ol2SuFGbOp1S7sjXqnmHB9cmALG35C+zIS7Vf7bn+Ge6GY6OTmGGG:KKpM7sjX3H83LeYXYP+GhGrOTmGGG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7104b687a78df51b229d58abe7692facca0db14ddb79a524f114417ab49b444

Files

a7104b687a78df51b229d58abe7692facca0db14ddb79a524f114417ab49b444
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 27KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 72B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 258KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.itext Size: 9KB - Virtual size: 8KB

.data Size: 51KB - Virtual size: 50KB

.bss Size: - Virtual size: 27KB

.idata Size: 13KB - Virtual size: 13KB

.didata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 158B

.tls Size: - Virtual size: 72B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 258KB - Virtual size: 258KB

.rsrc Size: 4.0MB - Virtual size: 4.0MB

.text
Size: 2.8MB - Virtual size: 2.8MB

.itext
Size: 9KB - Virtual size: 8KB

.data
Size: 51KB - Virtual size: 50KB

.bss
Size: - Virtual size: 27KB

.idata
Size: 13KB - Virtual size: 13KB

.didata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 158B

.tls
Size: - Virtual size: 72B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 258KB - Virtual size: 258KB

.rsrc
Size: 4.0MB - Virtual size: 4.0MB