86dd97b2a1d091dc9ebcddb29c71d94cdcd0e5b0d65000ab87af17dd14ffc96a

Sharing

Copy URL Twitter E-mail

General

Target

86dd97b2a1d091dc9ebcddb29c71d94cdcd0e5b0d65000ab87af17dd14ffc96a
Size

178KB
MD5

9a01671e1c500ba4eeef992cc463d06e
SHA1

8ef327b3249e37035ffc5f288e2da5d35756705f
SHA256

86dd97b2a1d091dc9ebcddb29c71d94cdcd0e5b0d65000ab87af17dd14ffc96a
SHA512

ba51eb773bdf42912de99c77f8a449554e6434abc031645fb845c43d8a71ad10eb1c12dc34e2742aa140fae40801662a60cee5ab0c4be24a77597f524a350108
SSDEEP

1536:y7u13uCDuMO/udLQ52Sn3viVQUpQ2RmXdMfTJ3gCzp9YCpS7o9XuGRLbWzPE3:mn8F+MXuec83

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86dd97b2a1d091dc9ebcddb29c71d94cdcd0e5b0d65000ab87af17dd14ffc96a

Files

86dd97b2a1d091dc9ebcddb29c71d94cdcd0e5b0d65000ab87af17dd14ffc96a
.exe windows:4 windows x86 arch:x86

00fbc5bd7add72f96929f86a8765434d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

xpprt1

?prepareOpStack
?ehIsError
?ehSetContext
?setjmp
?exeNativeError
?exeStackUnwind
?momSOn
?symContextInit
__vft18ConUndefinedObject10AtomObject
?conNAllocL
?symRefItemConst
?domAssign
?getRFPC
?momSOff
SET
?retStackValue
DBSELECTAREA
DBUSEAREA
DBSETINDEX
EOF
?domNot
VAL
AT
DBSEEK
?domAdd
STR
DTOC
?getRFCC
ALLTRIM
?andShortCut
?domEql
?domAnd
?floadTos
DBSKIP
TRANSFORM
QOUT
?retNil
?conNRelease
?conNReleaseL
?frameExit
?ehUnwind
?passParameter
STRTRAN
?retStackItem
CHR
__vft19ConNumericIntObject10AtomObject
__vft14ConLogicObject10AtomObject
__vft20ConStringConstObject10AtomObject
__vft14ConStringShort10AtomObject
_iniExitProcedureList
___iniStart
___iniGetDLLInitHook
__This_executable_needs_version_1_90_0
___xpprt1Version
APPTYPE
APPDESKTOP
?conSendItem
ACREATE
?conAssignRefWMember
APPNAME
?conNewString
SETAPPWINDOW
?domXEql
?orShortCut
?domOr
ROOTCRT
__vft21ConNumericFloatObject10AtomObject
BREAK
?pushDynamicCodeBlock
ERRORBLOCK
WORKSPACELIST
LEN
?setSWArea
DBCOMMIT
?restWArea
DBCLOSEAREA
?ehUnsetContext
?ehGetBreakContainer
?conRelease
DBRROLLBACK
?domGetElem
DBELOAD
ALERT
DBEBUILD
?conMemberToItem
DBSESSION
ISFUNCTION
?executeMacro
AADD
EMPTY
LTRIM
DOSERRORMESSAGE
ROW
COL
SETPOS
?domValXEql
_BREAK
ERRORLEVEL
_QUIT
ISMETHOD
?domInc
PROCNAME
?domAddEqu
TRIM
PROCLINE
CONFIRMBOX
?domValGCmp
VALTYPE
PADL
TONE
OUTERR
MSGBOX
REPLICATE
DATE
TIME
VERSION
OS
SPACE
VAR2CHAR
QQOUT
AEVAL
MLCOUNT
MEMOLINE
RTRIM
LEFT
DLLLOAD
DLLCALL
DLLUNLOAD
?nomClassLock
?nomClassUnlock
?retObject
?conNewNil
XBPBASEDIALOG
?conGetClass
?nomCreateClass
?nomDefineVar
?nomDefineMethod
?nomEndClassDefinition
?conNewExtObject
?nomCallInitClass
?conGetSelfClass
XBPBASECRT
XBPBASECOMBOBOX
XBPBASELISTBOX
XBPBASEPUSHBUTTON
XBPBASESPINBUTTON
XBPBASEMENUBAR
XBPBASEMENU
XBPBASESLE
XBPBASEMLE
XBPBASETREEVIEW
XBPBASETREEVIEWITEM
XBPBASE3STATE
XBPBASETABPAGE
XBPBASESCROLLBAR
XBPBASECHECKBOX
XBPBASERADIOBUTTON
XBPBASESTATIC
XBPBASEPRESSPACE
SETMOUSE
?domRefElem
ACLONE
INT
?domSub
?domNEql
BAND
UPPER
ASCAN
RIGHT
SHELLLINKRESOLVE
FOPEN
FSIZE
FREADSTR
FCLOSE
SUBSTR
PCOUNT
?domLCmp
?domValNEql
GRAQUERYTEXTBOX
?conOpNewInt
L2BIN
?domMul
CONVTOANSICP
?domGCmp
SETAPPFOCUS
APPEVENT
SETAPPEVENT
EVAL
BIN2L
?domValEql
LOADRESOURCE
THREADID
DOSERROR
ARRAY
ERROR

Sections

.text
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpp
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00fbc5bd7add72f96929f86a8765434d

Headers

File Characteristics

Imports

xpprt1

Sections

.text Size: 149KB - Virtual size: 148KB

.data Size: 15KB - Virtual size: 14KB

.xpp Size: 2KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 4KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 149KB - Virtual size: 148KB

.data
Size: 15KB - Virtual size: 14KB

.xpp
Size: 2KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 6KB - Virtual size: 6KB