90a7f7065d8dd058ab7049cd3f0c8788ae8950a8d2366a372571dbb800590674

Resubmissions

25-06-2024 11:46

240625-nxaffsxfme 10

25-06-2024 11:35

240625-nqbpyaxcke 10

24-06-2024 09:07

240624-k3smfaxgkq 3

Sharing

Copy URL

Twitter E-mail

General

Target

90a7f7065d8dd058ab7049cd3f0c8788ae8950a8d2366a372571dbb800590674
Size

236KB
MD5

2fde1e85e1ead98a8c0e1ca7eda2a243
SHA1

4e195c7dc0d7bd995b81fc481dd300e966481201
SHA256

90a7f7065d8dd058ab7049cd3f0c8788ae8950a8d2366a372571dbb800590674
SHA512

b56a5d33fd6f99d092e5a2b7d332c0632eb4354a1c64cfb66b4a9997e5f6e0fd9d019b775705e89fe94c26b41762e11ede9dda150fc19a857ca9e2cfc05b65b2
SSDEEP

6144:FXtIh3WC7HpTBJNDrSfdH/qiNMxsJSoR:FXtsPpTrhgdHChxsJN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
90a7f7065d8dd058ab7049cd3f0c8788ae8950a8d2366a372571dbb800590674

Files

90a7f7065d8dd058ab7049cd3f0c8788ae8950a8d2366a372571dbb800590674
.exe windows:4 windows x86 arch:x86

db9d9cc242bdd639ae853be3754e5aa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strlen
strcpy
strcat
_strdup
fopen
fclose
malloc
memcpy
free
_CIpow
_errno
strncmp
strtoul
_stat
memchr
fseek
clearerr
fread
ferror
ftell
_wfopen
_fileno
_fstat
time
_stricmp
strcmp
strrchr
fwrite
_snprintf
sprintf
_fdopen
_close
remove
_setmode
qsort
realloc
mktime
putc
localtime
_wmktemp
_wcreat
_mktemp
_creat

kernel32

GetModuleHandleA
HeapCreate
Thread32First
VirtualProtect
HeapDestroy
ExitProcess
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateFileA
SetFilePointer
SetEndOfFile
HeapAlloc
WriteFile
HeapFree
DeleteFileA
MoveFileExW
MoveFileExA
WriteConsoleA
HeapReAlloc
GetLogicalDriveStringsA
MultiByteToWideChar
WideCharToMultiByte

user32

CreateWindowExA

winmm

mciSendCommandA

Sections

.code
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

db9d9cc242bdd639ae853be3754e5aa3

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

winmm

Sections

.code Size: 13KB - Virtual size: 12KB

.text Size: 66KB - Virtual size: 66KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 139KB - Virtual size: 139KB

.rsrc Size: 1024B - Virtual size: 520B

.code
Size: 13KB - Virtual size: 12KB

.text
Size: 66KB - Virtual size: 66KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 139KB - Virtual size: 139KB

.rsrc
Size: 1024B - Virtual size: 520B