31698e00c412f6b84023c4b99e0176bd1dbbd4c5c2e5eb2ab4d962914aaf61c9N

Sharing

Copy URL Twitter E-mail

General

Target

31698e00c412f6b84023c4b99e0176bd1dbbd4c5c2e5eb2ab4d962914aaf61c9N
Size

45KB
MD5

d56cd8e391700046142a7cd267e056b0
SHA1

598bd1d289f8cd1e79f16e80847cf1b4877e4b41
SHA256

31698e00c412f6b84023c4b99e0176bd1dbbd4c5c2e5eb2ab4d962914aaf61c9
SHA512

a867a9573b1c0d01aedac23ad7cbe9dbe052868f9e3a5d75bca973751a8a7594d925f3d09bfcf0346cdf5cd4b9bd8e4a44b7a48fdcf2e700bec2d6ab990b8616
SSDEEP

768:OToWCMaPELQvUgKKjuIq8ms/v5Nk4xvfLFA8nTQnHvdMogGfgfU02u:jWQMvgpHq8k4xXLLTKPduGf502u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31698e00c412f6b84023c4b99e0176bd1dbbd4c5c2e5eb2ab4d962914aaf61c9N

Files

31698e00c412f6b84023c4b99e0176bd1dbbd4c5c2e5eb2ab4d962914aaf61c9N
.exe windows:5 windows x86 arch:x86

98adeedf41b033feb2e742e01dc2d5a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyAcceleratorTableW
SetUserObjectInformationA
EnumPropsExA
DrawMenuBar
DisplayExitWindowsWarnings
SetProcessWindowStation
GetDlgItem
GetMenuInfo
InitializeLpkHooks
ShowScrollBar
LockWorkStation
GetWindowModuleFileNameA
IsWindow
SetMenuDefaultItem
GetMenuItemRect
GetDesktopWindow
GetMessageExtraInfo
GetMonitorInfoW
EnumDisplayDevicesW
SetProcessDefaultLayout
GetWindowThreadProcessId
DispatchMessageA
SetWindowsHookW
EndTask
CharUpperW
GetClipboardData
DdeSetUserHandle
VkKeyScanW
SetWindowStationUser
AttachThreadInput
CharToOemW
IMPGetIMEW
GetTopWindow

sqlwoa

_CreateFont@56
_TextOut@20
_CallWindowProc@20
_CharUpper@4
_GetProp@8
_CommDlg_OpenSave_GetFolderPath@12
_SetDlgItemText@12
_LoadMenu@8
_CommDlg_OpenSave_GetFilePath@12
_LoadString@16
_LoadIcon@8
_FreeEnvironmentStrings@4
AllocConvertMultiSZNameToA
_GetDlgItemText@16
_GetTextExtentPoint32@16
_FindResource@12
_MoveFile@8
_RemoveProp@8
_GetClassInfo@12
_PostMessage@16
newMultiByteFromWideChar
_GetOpenFileName@4
_SetWindowLong@12
_GetWindowTextLength@4
ConvertMultiSZNameToW
_LoadLibrary@4
_GetDiskFreeSpaceEx@16
_LoadCursor@8
_GetWindowLong@8
_GetObject@12
_CommDlg_OpenSave_GetSpec@12

wininet

InternetAutodialHangup
FtpPutFileEx
HttpQueryInfoW
GopherGetAttributeA
InternetCombineUrlA
InternetShowSecurityInfoByURLW
InternetSetCookieW
InternetAlgIdToStringA
InternetConfirmZoneCrossingA
InternetWriteFile
UpdateUrlCacheContentPath
InternetCheckConnectionW
GopherOpenFileA
CreateMD5SSOHash
GetUrlCacheGroupAttributeA
InternetCanonicalizeUrlA
FtpPutFileW
CreateUrlCacheContainerA
GetUrlCacheEntryInfoExA
FindNextUrlCacheEntryA
InternetSetOptionA
InternetGetConnectedStateExW
CreateUrlCacheGroup
FindFirstUrlCacheContainerW
FtpRenameFileA
InternetSetStatusCallbackW
InternetSetDialState
IncrementUrlCacheHeaderData

kernel32

GetCPInfo
EnumCalendarInfoExW
GetStringTypeExW
GetLongPathNameA
LoadLibraryA
SetCommBreak
VirtualFreeEx
SetCommState
FindNextFileA
VirtualAlloc
BindIoCompletionCallback
GetFileInformationByHandle
ReadConsoleW
GetConsoleTitleA
DeleteFileA
CreateTimerQueueTimer
CreateWaitableTimerA
GetProcAddress
GlobalAlloc
GetModuleHandleW
GetTempFileNameW
GetNextVDMCommand
GetConsoleCursorInfo
GetConsoleCommandHistoryLengthA
GetStringTypeW
GetSystemDirectoryW
GetStartupInfoA
CreateEventW
EnumLanguageGroupLocalesW
GetExpandedNameA
CreateWaitableTimerW

msvcrt

realloc
_access
_seterrormode
_wgetdcwd
__p__commode
tmpnam
_time64
wcspbrk
_mbsnicoll
_adj_fdiv_r
_mkdir
tan
_wspawnl
_setmode
__winitenv
__p___winitenv
exit
_fcvt
_mbsnbcat
getwc
__CxxExceptionFilter
_fstati64
_swab
_wfindnext64
scanf
wcstol
_flsbuf
wcstod
_putwch
??0bad_typeid@@QAE@PBD@Z
_tell
??_Gexception@@UAEPAXI@Z
__p___argc
_wtempnam
wcstombs
__set_app_type
wcsftime
towupper

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98adeedf41b033feb2e742e01dc2d5a6

Headers

DLL Characteristics

File Characteristics

Imports

user32

sqlwoa

wininet

kernel32

msvcrt

Sections

.text Size: 35KB - Virtual size: 34KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB