5afede4b3dc16ee159f55c9feaabc7a50faddcfd7ef2ec4b40a92afd03f3d1ef

Sharing

Copy URL Twitter E-mail

General

Target

5afede4b3dc16ee159f55c9feaabc7a50faddcfd7ef2ec4b40a92afd03f3d1ef
Size

92KB
MD5

1127a1d6d1f9c6c9dad84e2fae9d2461
SHA1

2f72ffa7a484731e254e0456ebc80adc0d543a5a
SHA256

5afede4b3dc16ee159f55c9feaabc7a50faddcfd7ef2ec4b40a92afd03f3d1ef
SHA512

b0a2fcd79d815542a22b37f4746ccbd7a379a18ce0fd4223535f12e2ce6120bcbb4fc5327e4af5d2fba697e6bfb84cb8b6cae63ddbfe301a856d95039dfd146c
SSDEEP

1536:4nAkpc9mxdaGY3mWaQ/L38tjLsxNwGCq2iW7z:4nXpceaF3T9wtjLs3wGCH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5afede4b3dc16ee159f55c9feaabc7a50faddcfd7ef2ec4b40a92afd03f3d1ef

Files

5afede4b3dc16ee159f55c9feaabc7a50faddcfd7ef2ec4b40a92afd03f3d1ef
.exe windows:5 windows x86 arch:x86

e26f1f6f14a0654add9d6db3fde5e097

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\graphviz-ms\bin\mm2gv.pdb

Imports

gvc

gmalloc
grealloc
Verbose

msvcr90

fclose
strcmp
strncmp
strlen
tolower
fgets
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
fopen
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
strcat
_controlfp_s
system
qsort
rand
sqrt
memcpy
fread
fwrite
printf
strchr
_strdup
strcpy
sscanf
sprintf
__iob_func
exit
fprintf
fgetc
ungetc
malloc
fscanf
free
strtoul
_errno
_invoke_watson

cgraph

Agundirected
agopen
Agdirected
agattr
agxbinit
agxbput
agxbmore
agnode
agbindrec
agfstnode
agnxtnode
agedge
agxset
agxbfree
agsetfile
agwrite

kernel32

QueryPerformanceCounter
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
IsDebuggerPresent

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�l8��u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e26f1f6f14a0654add9d6db3fde5e097

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

gvc

msvcr90

cgraph

kernel32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 760B

�l8��u� Size: 16KB - Virtual size: 20KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 760B

�l8��u�
Size: 16KB - Virtual size: 20KB