8ecab0ec5b748b901be5944797894eecd596788fee52f875a7dcd938abcb8356

Sharing

Copy URL Twitter E-mail

General

Target

8ecab0ec5b748b901be5944797894eecd596788fee52f875a7dcd938abcb8356
Size

4.0MB
MD5

c23c86adbac8e9dde2340ffe5eab21ce
SHA1

fecea684fed4b0221af05aa2821ae0eeda920240
SHA256

8ecab0ec5b748b901be5944797894eecd596788fee52f875a7dcd938abcb8356
SHA512

20a4fefe7b5f783e27b6a35475067998244a3be4c889cbea043b63f0eaef3053835ff152331ff3bf45b53abefe250a3be797b3079f533802e551b976339d6b00
SSDEEP

98304:eYSQKYOF8Tlxsn+jSeWC5cIYl9BtLTzTAwNluJLLNinUWqyeM:1KYOuDU+j75cIYlXZTzkyluJLLW/eM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ecab0ec5b748b901be5944797894eecd596788fee52f875a7dcd938abcb8356

Files

8ecab0ec5b748b901be5944797894eecd596788fee52f875a7dcd938abcb8356
.exe windows:6 windows x86 arch:x86

7b979a0e5496fbd21886c37cb6887216

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shlwapi

StrRetToBufW

version

VerQueryValueW

user32

GetDC

psapi

GetProcessImageFileNameW

oleaut32

VariantInit

advapi32

FreeSid

msvcrt

_gcvt

rasapi32

RasEnumConnectionsW

winhttp

WinHttpOpen

sqlite3

sqlite3_free

wsock32

bind

gdi32

Pie

mpr

WNetGetConnectionW

winmm

timeGetTime

wininet

InternetOpenW

comdlg32

PrintDlgW

comctl32

ImageList_Add

shell32

SHGetMalloc

wjslib

WJSOpen

ole32

OleDraw

iphlpapi

GetAdaptersInfo

ntdll

NtDeleteFile

powrprof

SetSuspendState

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
madTraceProcess

Sections

Size: 3.8MB - Virtual size: 16.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7b979a0e5496fbd21886c37cb6887216

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

version

user32

psapi

oleaut32

advapi32

msvcrt

rasapi32

winhttp

sqlite3

wsock32

gdi32

mpr

winmm

wininet

comdlg32

comctl32

shell32

wjslib

ole32

iphlpapi

ntdll

powrprof

Exports

Exports

Sections

Size: 3.8MB - Virtual size: 16.0MB

Size: 6KB - Virtual size: 5KB

.rsrc Size: 182KB - Virtual size: 181KB

.rsrc
Size: 182KB - Virtual size: 181KB