db200906c9db087b4d8e82ce36e92920f0197c4e51006ba339873611915d1950

Sharing

Copy URL Twitter E-mail

General

Target

db200906c9db087b4d8e82ce36e92920f0197c4e51006ba339873611915d1950
Size

4.1MB
MD5

50b41807d419a63bd39088d1093257f5
SHA1

b167a0e01e7639b97932e2e817a6628bff05bb94
SHA256

db200906c9db087b4d8e82ce36e92920f0197c4e51006ba339873611915d1950
SHA512

4117e458430d176c7a92219d0d943286f897cf6eddba93458678b4453268c8dd8afa5568b2f893d708c87fede6b900b425e850ec5775358e503a07bdf0eff6ba
SSDEEP

98304:h2rMBc0TFB7ZkUL/i2tSTEaMBZqDe2IglaYDCLOwDtTdU:ErMVTdri2Ey4/cFLB0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db200906c9db087b4d8e82ce36e92920f0197c4e51006ba339873611915d1950

Files

db200906c9db087b4d8e82ce36e92920f0197c4e51006ba339873611915d1950
.exe windows:6 windows x86 arch:x86

ac106d1539ab008896da11ef1dea679e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

GetAce

iphlpapi

GetIfTable

shell32

ILFree

hid

HidP_GetCaps

setupapi

SetupInstallFileA

dhcpcsvc

DhcpIsEnabled

dhcpcsvc6

Dhcpv6IsEnabled

psapi

EnumProcesses

wsock32

bind

vcruntime140

memset

api-ms-win-crt-runtime-l1-1-0

exit

api-ms-win-crt-stdio-l1-1-0

_set_fmode

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

userenv

GetUserProfileDirectoryW

Sections

.AKS1
Size: 39KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS2
Size: 4.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ac106d1539ab008896da11ef1dea679e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

iphlpapi

shell32

hid

setupapi

dhcpcsvc

dhcpcsvc6

psapi

wsock32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

userenv

Sections

.AKS1 Size: 39KB - Virtual size: 148KB

.AKS2 Size: 4.0MB - Virtual size: 6.0MB

.AKS3 Size: 1KB - Virtual size: 1KB

.rsrc Size: 123KB - Virtual size: 123KB

.AKS1
Size: 39KB - Virtual size: 148KB

.AKS2
Size: 4.0MB - Virtual size: 6.0MB

.AKS3
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 123KB - Virtual size: 123KB