73a21bba1f65f77a86cb618f7decc143b9eae05fec44d52487b2d10205e0e10b

Sharing

Copy URL Twitter E-mail

General

Target

73a21bba1f65f77a86cb618f7decc143b9eae05fec44d52487b2d10205e0e10b
Size

57KB
MD5

321fd286d3c98f8f2e4714076e9c94f5
SHA1

db2313d6dc66ec6908c5e243f78b650f3b8b0685
SHA256

73a21bba1f65f77a86cb618f7decc143b9eae05fec44d52487b2d10205e0e10b
SHA512

75a5ea6910ba758e1dd50494bc6c0b5a196a2ed4fe7371298344144b14c1136d7efe7ff6da3224b75dbd588115b3a9ea5b28fa6039a6cd5fe1c08f4c3a6e56a4
SSDEEP

768:GvZdNL0wMlTJTDSrfeoUlUW4iOl5ZBh6Qy0siFCvJ4V7wmdUm1a8k6Q:GvZH/QTheG1lUW5OduMFCvJgZP1aM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a21bba1f65f77a86cb618f7decc143b9eae05fec44d52487b2d10205e0e10b

Files

73a21bba1f65f77a86cb618f7decc143b9eae05fec44d52487b2d10205e0e10b
.exe windows:5 windows x86 arch:x86

605cda716ddd395137db68a032856bbb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\2021桌面文件夹\2023富士康软件开发\富士康报警导航2023\DownTimeAnalyzeCaller V3.0\Debug\DownTimeAnalyzeCaller V3.0.pdb

Imports

mfc90ud

ord3243
ord3256
ord3566
ord3548
ord3546
ord3564
ord3576
ord3553
ord3569
ord3574
ord3557
ord3559
ord3561
ord3555
ord3571
ord3551
ord1229
ord1225
ord1227
ord1223
ord1218
ord7642
ord7644
ord8868
ord2307
ord6487
ord7015
ord5197
ord1900
ord3245
ord7593
ord6377
ord9365
ord7420
ord2701
ord2209
ord6446
ord2032
ord5987
ord2336
ord2339
ord8780
ord4659
ord2250
ord2251
ord2410
ord2411
ord7203
ord7029
ord6407
ord7569
ord2849
ord5487
ord6268
ord9070
ord9371
ord6305
ord8633
ord6816
ord7044
ord872
ord2942
ord3761
ord8266
ord5062
ord598
ord5990
ord701
ord4013
ord302
ord292
ord9367
ord5739
ord9369
ord5071
ord7299
ord8730
ord4493
ord1968
ord7562
ord2782
ord2385
ord2384
ord2306
ord7590
ord4348
ord6712
ord6466
ord3033
ord1769
ord4899
ord406
ord1476
ord6142
ord753
ord5779
ord1453
ord8902
ord2863
ord930
ord950
ord6164
ord6121
ord9366
ord5738
ord9368
ord6537
ord2906
ord2861
ord8169
ord5747
ord1389
ord7462
ord9297
ord7868
ord5781
ord2716
ord4474
ord7626
ord7628
ord3337
ord5991
ord6804
ord7638
ord7603
ord8152
ord3804
ord4122
ord4320
ord6518
ord4097
ord4323
ord3807
ord3996
ord3796
ord5598
ord5599
ord5589
ord3994
ord5994
ord6707
ord6465
ord3140
ord1857
ord8287
ord5054
ord690
ord6772
ord5530
ord7538
ord943
ord1663
ord1408
ord1503

msvcr90d

_XcptFilter
_exit
__wgetmainargs
_amsg_exit
__set_app_type
_encode_pointer
__p__fmode
__CxxFrameHandler3
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
??_V@YAXPAX@Z
_cexit
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_unlock
_CRT_RTC_INITW
_initterm_e
_initterm
_CrtDbgReportW
_CrtSetCheckCount
_wcmdln
exit

kernel32

Sleep
GetTickCount
InterlockedExchange
InterlockedCompareExchange
SetUnhandledExceptionFilter
LoadLibraryW
GetCurrentThreadId
GetCurrentProcessId
MulDiv
GetSystemTimeAsFileTime
IsDebuggerPresent
QueryPerformanceCounter
GetStartupInfoW
RaiseException
DebugBreak
FreeLibrary
VirtualQuery
GetModuleFileNameW
GetProcessHeap
HeapAlloc
HeapFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LoadLibraryA
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress

user32

GetSystemMetrics
CopyRect
IsRectEmpty
PtInRect
SetRect
SetRectEmpty
EqualRect
InflateRect
OffsetRect
IntersectRect
SubtractRect
UnionRect

comctl32

InitCommonControlsEx

oleaut32

SysFreeString

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

605cda716ddd395137db68a032856bbb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc90ud

msvcr90d

kernel32

user32

comctl32

oleaut32

Sections

.text Size: 18KB - Virtual size: 17KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 18KB - Virtual size: 17KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 2KB - Virtual size: 1KB