3e4753715ed4a4e66744b5b7a40dc492df9165835767c9a37ece109600e8e89a

Sharing

Copy URL Twitter E-mail

General

Target

3e4753715ed4a4e66744b5b7a40dc492df9165835767c9a37ece109600e8e89a
Size

188KB
MD5

7270adc3d9fd402fefaad9139a30b959
SHA1

0e429367d07235af00376222de95e2a99494a1e3
SHA256

3e4753715ed4a4e66744b5b7a40dc492df9165835767c9a37ece109600e8e89a
SHA512

940f71986e3bdd8d9feb4b5554e958ee5113c7cff26ec436f85be96eabe30b5f69f68b40bba9d1c330a78961aae4e282649dbc801a2f58f02e33841d99fcd9a8
SSDEEP

3072:sPNJXyuj5qgencb2TFB3Q8/SQJiiElyfGgd9FxU56b535T:WXyujQgey2TFb/JeYbv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e4753715ed4a4e66744b5b7a40dc492df9165835767c9a37ece109600e8e89a

Files

3e4753715ed4a4e66744b5b7a40dc492df9165835767c9a37ece109600e8e89a
.exe windows:5 windows x86 arch:x86

d771d9d7cf2a0af728e078ffdcaa5cff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\temp\vs2008\p2papp\Release_MT\TenioDL.pdb

Imports

imm32

ImmDisableIME

kernel32

FreeLibrary
LoadLibraryW
GetModuleFileNameW
GetLastError
GetProcAddress
GetLocalTime
GetCurrentThreadId
OutputDebugStringA
CreateMutexW
WaitForSingleObject
GetLongPathNameW
GetModuleHandleA
ReleaseMutex
CompareStringW
CompareStringA
FlushFileBuffers
CloseHandle
CreateFileA
GetTimeZoneInformation
GetLocaleInfoW
WriteConsoleW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
HeapAlloc
HeapFree
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
SetFilePointer
GetConsoleCP
GetConsoleMode
SetConsoleCtrlHandler
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
SetEnvironmentVariableA

teniodl_core

?TenioDL_Initialize@@YAHXZ

version

VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d771d9d7cf2a0af728e078ffdcaa5cff

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

imm32

kernel32

teniodl_core

version

Sections

.text Size: 146KB - Virtual size: 146KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 146KB - Virtual size: 146KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 2KB - Virtual size: 1KB