098297cc18af402031fb9a2df2abd6849bbea01b950fa86462ea02cd1ff11253

Sharing

Copy URL

Twitter E-mail

General

Target

098297cc18af402031fb9a2df2abd6849bbea01b950fa86462ea02cd1ff11253
Size

92KB
MD5

6d83d07a54c8a50c2e408409ecf0a48c
SHA1

202056420915a89eb1e6d761e36e446c30a52716
SHA256

098297cc18af402031fb9a2df2abd6849bbea01b950fa86462ea02cd1ff11253
SHA512

08f79404145b818ee467fba399826b51e078f6cb395a9af4917957d7e07e82561232c29e303d595edf1262fdff097859372a22b71c012acbf2a372c639e7fe37
SSDEEP

1536:kumaik8ykrJgaOjAdj/tf+OZEtckaTP5nMBuONn+RfV437/ZuzG1P3N2Uhyd:kuhikw+aOjAF/pstBaDqwONnct437Bl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
098297cc18af402031fb9a2df2abd6849bbea01b950fa86462ea02cd1ff11253

Files

098297cc18af402031fb9a2df2abd6849bbea01b950fa86462ea02cd1ff11253
.exe windows:6 windows x64 arch:x64

0fac71ba6587aa59bbb124a99b7da0ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mfc120u

ord5818
ord296
ord1030
ord4612
ord6222
ord3713
ord6152
ord9822
ord5458
ord3908
ord1086
ord11775
ord11807
ord7802
ord11795
ord5608
ord3688
ord6511
ord980
ord13404
ord6024
ord14147
ord6025
ord14148
ord6023
ord14146
ord7603
ord12082
ord13947
ord11538
ord11539
ord1969
ord7552
ord12495
ord3906
ord3968
ord8970
ord14074
ord7534
ord14068
ord12092
ord12093
ord2397
ord9951
ord5087
ord7905
ord7600
ord11288
ord12414
ord12476
ord10005
ord11803
ord7966
ord1445
ord7281
ord8049
ord2228
ord2136
ord12968
ord1088
ord937
ord6946
ord286
ord2170
ord875
ord1364
ord3556
ord8353
ord3130
ord13626
ord8389
ord13617
ord12576
ord7720
ord3670
ord3029
ord3266
ord3265
ord10044
ord10958
ord10584
ord8612
ord5904
ord2655
ord13256
ord5902
ord11687
ord10607
ord2180
ord2145
ord6189
ord450
ord11729
ord8807
ord7123
ord11289
ord8711
ord11645
ord3675
ord11499
ord14067
ord8537
ord11776
ord6625
ord10571
ord8828
ord3131
ord13372
ord11815
ord11813
ord1689
ord1701
ord1709
ord1705
ord1714
ord4718
ord4759
ord4726
ord4738
ord4734
ord4730
ord4767
ord4755
ord4722
ord4771
ord4744
ord4706
ord4713
ord4748
ord4316
ord5484
ord9265
ord4308
ord2925
ord14069
ord7535
ord14075
ord6527
ord11280
ord13213
ord5625
ord2587
ord11680
ord3769
ord3161
ord3236
ord3237
ord11724
ord987
ord7071
ord4987
ord5267
ord5455
ord8922
ord5243
ord4990
ord5133
ord4970
ord7346
ord7347
ord13260
ord3170
ord3167
ord9827
ord7795
ord2656
ord1449
ord9857
ord9859
ord9858
ord7337
ord5131
ord7804
ord8781
ord9856
ord9860
ord8782
ord5355
ord1484
ord4401
ord1486
ord2328

msvcr120

__crtCapturePreviousContext
__crtTerminateProcess
__crtUnhandledException
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crtSetUnhandledExceptionFilter
?terminate@@YAXXZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_commode
_fmode
_wcmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
__C_specific_handler
memset
memcpy
__CxxFrameHandler3
free

kernel32

OutputDebugStringW
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
DecodePointer

user32

GetClientRect
LoadIconW
GetWindowRect
DrawIcon
GetSystemMetrics
IsIconic
SendMessageW
EnableWindow

comctl32

InitCommonControlsEx

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fac71ba6587aa59bbb124a99b7da0ac

Headers

DLL Characteristics

File Characteristics

Imports

mfc120u

msvcr120

kernel32

user32

comctl32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 684B

.rsrc Size: 69KB - Virtual size: 69KB

.reloc Size: 1024B - Virtual size: 660B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 684B

.rsrc
Size: 69KB - Virtual size: 69KB

.reloc
Size: 1024B - Virtual size: 660B