03a0ff34a5a964358b081f06433e268309bc3599e73e3f301f58e0a9f6be5bc4

Sharing

Copy URL Twitter E-mail

General

Target

03a0ff34a5a964358b081f06433e268309bc3599e73e3f301f58e0a9f6be5bc4
Size

7.1MB
MD5

5e349c594045f5d5d7669935389daa8a
SHA1

a86576b2811f9d3a186b69e36bd96f2166981c3e
SHA256

03a0ff34a5a964358b081f06433e268309bc3599e73e3f301f58e0a9f6be5bc4
SHA512

153ae008d3ef5a3e6c4e17063c525c9bf795c29c4042a27b5d41edba2f33b8eccc8608be896f662be411a8612244b5198be4a0ec99665efdf8cc7c014da76b94
SSDEEP

196608:VwFcs8q9yQA8q0X482Lh2s14BzY24aDHSq4N03B1D:Vtlq9hAqP2JmW274K3BZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03a0ff34a5a964358b081f06433e268309bc3599e73e3f301f58e0a9f6be5bc4

Files

03a0ff34a5a964358b081f06433e268309bc3599e73e3f301f58e0a9f6be5bc4
.exe windows:6 windows x86 arch:x86

552602b0f3461eb6b49f84c942da52dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\vc\Ltgx\Release\mon\LtgxTgMon.pdb

Imports

ws2_32

WSAWaitForMultipleEvents

libcrypto-1_1

X509_NAME_oneline

libssl-1_1

SSL_CTX_set_cipher_list

zlib1

inflateInit2_

crypt32

CertOpenStore

normaliz

IdnToAscii

version

VerQueryValueW

wldap32

ord35

mfc140u

ord4960

kernel32

HeapSize

user32

GetSystemMetrics

advapi32

CryptDestroyKey

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

ole32

CoInitializeEx

oleaut32

SysAllocString

msvcp140

?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z

sqlite3

sqlite3_column_int64

wsock32

gethostname

vcruntime140

_except_handler4_common

api-ms-win-crt-time-l1-1-0

_localtime64_s

api-ms-win-crt-runtime-l1-1-0

_getpid

api-ms-win-crt-convert-l1-1-0

wcstombs

api-ms-win-crt-string-l1-1-0

_stricmp

api-ms-win-crt-stdio-l1-1-0

feof

api-ms-win-crt-heap-l1-1-0

free

api-ms-win-crt-math-l1-1-0

_dclass

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_fstat64

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 5.7MB - Virtual size: 14.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 106KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

552602b0f3461eb6b49f84c942da52dd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

libcrypto-1_1

libssl-1_1

zlib1

crypt32

normaliz

version

wldap32

mfc140u

kernel32

user32

advapi32

shell32

comctl32

ole32

oleaut32

msvcp140

sqlite3

wsock32

vcruntime140

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-locale-l1-1-0

msvcrt

iphlpapi

psapi

Sections

.text Size: 5.7MB - Virtual size: 14.7MB

.sedata Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 106KB - Virtual size: 108KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 5.7MB - Virtual size: 14.7MB

.sedata
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 106KB - Virtual size: 108KB

.sedata
Size: 4KB - Virtual size: 4KB