926f3b2df749e0ed9ba6de5eafa0660899feece27e5faf37bb7288a0a903190d

Sharing

Copy URL Twitter E-mail

General

Target

926f3b2df749e0ed9ba6de5eafa0660899feece27e5faf37bb7288a0a903190d
Size

232KB
MD5

d433d58670d55e1e080eae5d5f4ed5c2
SHA1

c228414966ff2b037e5869c76a5afbdd510633d6
SHA256

926f3b2df749e0ed9ba6de5eafa0660899feece27e5faf37bb7288a0a903190d
SHA512

4c34d6fb2b27200d025297f3ec70d4ffa5e60f35f34778803da40c50bad441caac7cdd948dd8ef5a81d4aa1abcb22ce7aaf2876bd7f9f155868fb13126680c71
SSDEEP

6144:leY2HkAJ2YYSqBQoOlN4mBAUChewuDqsce6VVY1:leY2HkAcYYpQdJa6Dqsc5Y1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
926f3b2df749e0ed9ba6de5eafa0660899feece27e5faf37bb7288a0a903190d

Files

926f3b2df749e0ed9ba6de5eafa0660899feece27e5faf37bb7288a0a903190d
.exe windows:5 windows x86 arch:x86

9bba7df8a924cc78d2e174837d0f61d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ged

GEDLireDocumentFlux

ciril

XMLFromStream
setDebug
soap_connect
soap_putbase64
soap_getbase64
soap_gethex
soap_xop_forward
soap_dime_forward
soap_reference
soap_array_reference
soap_embedded_id
soap_begin_count
soap_end_count
soap_end_send
soap_begin_recv
soap_end_recv
soap_malloc
soap_lookup_type
soap_id_lookup
soap_id_forward
soap_id_enter
soap_closesock
soap_new
soap_begin
soap_end
soap_match_tag
soap_element_begin_out
soap_element_id
soap_element_end_out
soap_element_begin_in
soap_element_end_in
soap_peek_element
soap_revert
soap_set_namespaces
soap_new_block
soap_push_block
soap_save_block
soap_envelope_begin_out
soap_envelope_end_out
soap_envelope_begin_in
soap_envelope_end_in
soap_body_begin_out
soap_body_end_out
soap_body_begin_in
soap_body_end_in
soap_recv_header
soap_recv_fault
soap_s2string
soap_inint
soap_inbyte
soap_inunsignedByte
soap_inunsignedInt
soap_instring
soap_indateTime
soap_outstring
soap_attachment
soap_attr_value
STREAMRead
STREAMWrite
STREAMPrintf
STREAMConcat
STREAMBase64InitStream
ARCHOpenNew
ARCHAddFromStream
ARCHClose
SQLError
SQLOpen
SQLFetch
SQLClose
SQLExecute
SQLRelease
SQLCommit
SQLFromStream
SQLInitStream
LSTNew
LSTAdd
LSTFirst
LSTNext
HTTPSetBreakErrorMode
HTTPGetReturnCode
strlower
ZIPInitStream
debug
exists
ERRSetOutputStream
FILEDelete
FILEFromStream
FILEInitStream
MEMSize
MEMMalloc
MEMFree
MEMStrDup
MEMList
MEMFromStream
MEMInitStream
XMLNew
XMLClose
XMLSearchXPath
XMLFetch
XMLEndSearch
XMLGetValue
XMLGetNode
XMLXPathNode
XMLAddElement
XMLAddAttribute
XMLAddValue
XMLAddElementAttribute
XMLAddElementValue
XMLWriteString
PARInit
PARPresent
PARObligatoire
PARGet
SOAPSetSSLClient
SQLCode
MEMSourceName
MEMSourceLine
XMLIndented
XMLEncoding
STREAMCharSet
NETInitSSLCertificate
HTTPSetRawMode
HTTPInitStream
HTTPSetRequestHeader
HTTPSetRequestData
HTTPReadHeader
HTTPGetCookies

kernel32

WriteConsoleW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
SetEndOfFile
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
HeapFree
CloseHandle
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
HeapAlloc
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetFileType
GetTimeZoneInformation
MultiByteToWideChar
WideCharToMultiByte
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
GetProcessHeap
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
CreateFileW
GetFileSizeEx
SetFilePointerEx
HeapSize
HeapReAlloc
ReadFile
ReadConsoleW

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bba7df8a924cc78d2e174837d0f61d8

Headers

DLL Characteristics

File Characteristics

Imports

ged

ciril

kernel32

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 52KB - Virtual size: 52KB

.data Size: 3KB - Virtual size: 21KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 52KB - Virtual size: 52KB

.data
Size: 3KB - Virtual size: 21KB

.reloc
Size: 11KB - Virtual size: 11KB