99eb786fa58f491600ba4ba318fe1ad63afc8b8b490f158bca9ea51ec6795f06

Sharing

Copy URL

Twitter E-mail

General

Target

99eb786fa58f491600ba4ba318fe1ad63afc8b8b490f158bca9ea51ec6795f06
Size

296KB
MD5

28f29bd4ba24e75f4e2897470a0c66ee
SHA1

cbd38edd2ba5ae622c84ba8e3bae9b599cb1385b
SHA256

99eb786fa58f491600ba4ba318fe1ad63afc8b8b490f158bca9ea51ec6795f06
SHA512

452aafe4784dffc96eed185b9a09691a0a100ba1b833b20392f7f379ff899159024f09a3d66e219b5379d09b347d7d1df2c2674e63e786255c59652f1436cbfc
SSDEEP

3072:KBah4VKakOrWDUpwKzuNCXO+sOAEky7GOIW3I0l3ZzYVYkUyo:YVKTWEOIWY43ZZo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99eb786fa58f491600ba4ba318fe1ad63afc8b8b490f158bca9ea51ec6795f06

Files

99eb786fa58f491600ba4ba318fe1ad63afc8b8b490f158bca9ea51ec6795f06
.dll windows:4 windows x86 arch:x86

e059da1c777170736fb7b75539ed1e8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

f3bicblr

ord94
ord15
ord20

f3biefnc

ord3
ord2

f3biprct

ord27
ord30
ord18
ord24
ord3
ord25
ord26
ord54
ord31
ord67
ord28
ord66
ord82
ord1

f3bilpio

ord9
ord8
ord1

f3biio

ord38
ord7
ord22

f3biprio

ord1

f3biifnc

ord79
ord91

f3biscrn

ord1

f3biscls

ord1

kernel32

DisableThreadLibraryCalls

f5ddfcb4

POWEROPENFORM

chainc.exe

APPENDFILE2FILE
SELECT_PRINTER_PARM
SELECT_PRINTER
S_CHAIN
SCRN02
PAUSE
TVAR
GET_WIN_PRINTERS
FINDF
SCRN01
GET_ENV_STRING
SCRNMODE
TERMID
KBDCHK
CHGDIR
S_CHAINR

invoke-the-exe

INVOKE-THE-EXE

Exports

Exports

B0200

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e059da1c777170736fb7b75539ed1e8f

Headers

File Characteristics

Imports

f3bicblr

f3biefnc

f3biprct

f3bilpio

f3biio

f3biprio

f3biifnc

f3biscrn

f3biscls

kernel32

f5ddfcb4

chainc.exe

invoke-the-exe

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 68KB - Virtual size: 67KB

.rodata Size: 20KB - Virtual size: 18KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 28KB - Virtual size: 26KB

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 68KB - Virtual size: 67KB

.rodata
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 28KB - Virtual size: 26KB