dabac9412b56cb49b21f22eb9569712204845fffbe33fa493bbf2e5255902804

Sharing

Copy URL Twitter E-mail

General

Target

dabac9412b56cb49b21f22eb9569712204845fffbe33fa493bbf2e5255902804
Size

1.5MB
MD5

a19097da6f9e1771eb960cd6b5586db5
SHA1

ea51bbea9eec1d1c90b2517d7895a5d76f5e1f77
SHA256

dabac9412b56cb49b21f22eb9569712204845fffbe33fa493bbf2e5255902804
SHA512

beb91a1bfd85b0dfb7907673463ae4bb6efa9d9acefba5a2cd170b3a510bbcd1fa011cb24be5bf21cd446fe9e2fa4233138d527fe04ce2f68a273d1965d010a9
SSDEEP

12288:5hdMSvTqgw9yI+YRJgE/ya3a9ASwbAianzKOH7GHeBdqBfsLfse:5hqSvTKyI3JgYfq+BciaG4G+Lqt0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dabac9412b56cb49b21f22eb9569712204845fffbe33fa493bbf2e5255902804

Files

dabac9412b56cb49b21f22eb9569712204845fffbe33fa493bbf2e5255902804
.exe windows:4 windows x86 arch:x86

94b9f54efc412948eb12927d88017c35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

xli18nex

AdjustWindowText

xlbughandler

_XL_SetAlwaysSendReport@4

libexpat

ord20

liblua

luaL_checklstring

imagehlp

CheckSumMappedFile

xlgraphic

_XL_LoadBitmapFromFile@8

ws2_32

gethostbyname

uactool

XL_AddPluginPath

version

VerQueryValueW

wininet

InternetOpenA

xlluaruntime

_XLLRT_ReleaseEventContainer@4

mfc71u

ord1176

msvcr71

__CxxFrameHandler

user32

GetMessageW

gdi32

SetTextColor

msimg32

TransparentBlt

comdlg32

GetSaveFileNameW

advapi32

AdjustTokenPrivileges

shell32

Shell_NotifyIconW

comctl32

ImageList_EndDrag

shlwapi

PathMakeSystemFolderW

ole32

OleRun

oleaut32

SafeArrayCopy

urlmon

URLDownloadToCacheFileW

atl71

ord61

msvcp71

?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ

winmm

PlaySoundW

userenv

GetUserProfileDirectoryW

sqlite3

sqlite3_reset

mini_unzip_dll

mini_unzip_dll

wintrust

WinVerifyTrust

crypt32

CertGetNameStringW

Sections

.text
Size: 519KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1007KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

94b9f54efc412948eb12927d88017c35

Headers

File Characteristics

Imports

kernel32

xli18nex

xlbughandler

libexpat

liblua

imagehlp

xlgraphic

ws2_32

uactool

version

wininet

xlluaruntime

mfc71u

msvcr71

user32

gdi32

msimg32

comdlg32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

urlmon

atl71

msvcp71

winmm

userenv

sqlite3

mini_unzip_dll

wintrust

crypt32

Sections

.text Size: 519KB - Virtual size: 2.7MB

.rsrc Size: 1007KB - Virtual size: 1.0MB

.text
Size: 519KB - Virtual size: 2.7MB

.rsrc
Size: 1007KB - Virtual size: 1.0MB