740deacaf5a6e5306aedc99da210d743d1bc1a11778fd7581fbd8cc6766557cc

Sharing

Copy URL Twitter E-mail

General

Target

740deacaf5a6e5306aedc99da210d743d1bc1a11778fd7581fbd8cc6766557cc
Size

4.0MB
MD5

badf72e7868891146f36e732b5304f1b
SHA1

883ae64e136c7978d5f5f177a3d699337f0da9e7
SHA256

740deacaf5a6e5306aedc99da210d743d1bc1a11778fd7581fbd8cc6766557cc
SHA512

eefa341c78fd580ad9d68e3ffabfdeb3cae21f3798ebaba501cacb0cb4e10bccbbd9cc63d1a95aeb8858f07d4a66cb3f366fb99b88684de20a31f0f31f0d7237
SSDEEP

98304:kN0/ZROthHKLf5J6YF2uHCozP3Zf1PGSH63Q6Yjo/9:kN0vhLfa02uHCozP31N77e/9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
740deacaf5a6e5306aedc99da210d743d1bc1a11778fd7581fbd8cc6766557cc

Files

740deacaf5a6e5306aedc99da210d743d1bc1a11778fd7581fbd8cc6766557cc
.exe windows:6 windows x86 arch:x86

9ca646d74e4d6b143e24f528ee0318a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrRetToBufW

version

VerQueryValueW

user32

GetDC

psapi

GetProcessImageFileNameW

oleaut32

VariantInit

advapi32

FreeSid

msvcrt

_gcvt

rasapi32

RasEnumConnectionsW

winhttp

WinHttpOpen

sqlite3

sqlite3_free

wsock32

bind

gdi32

Pie

mpr

WNetGetConnectionW

winmm

timeGetTime

wininet

InternetOpenW

comdlg32

PrintDlgW

comctl32

ImageList_Add

shell32

SHGetMalloc

wjslib

WJSOpen

ole32

OleDraw

iphlpapi

GetIfEntry

ntdll

NtDeleteFile

powrprof

SetSuspendState

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
madTraceProcess

Sections

Size: 3.8MB - Virtual size: 15.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9ca646d74e4d6b143e24f528ee0318a6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

version

user32

psapi

oleaut32

advapi32

msvcrt

rasapi32

winhttp

sqlite3

wsock32

gdi32

mpr

winmm

wininet

comdlg32

comctl32

shell32

wjslib

ole32

iphlpapi

ntdll

powrprof

Exports

Exports

Sections

Size: 3.8MB - Virtual size: 15.8MB

Size: 6KB - Virtual size: 5KB

.rsrc Size: 182KB - Virtual size: 182KB

.rsrc
Size: 182KB - Virtual size: 182KB