397d10a5dd9bc390f456ab7a19cef30c374b435ddc55cda5651d0bb58d9c7d56N

Sharing

Copy URL

Twitter E-mail

General

Target

397d10a5dd9bc390f456ab7a19cef30c374b435ddc55cda5651d0bb58d9c7d56N
Size

732KB
MD5

96c9c38b408f6ef23a3217af96a438f0
SHA1

b867b2ef4692ffdada47251bba31470d5bda8fd1
SHA256

397d10a5dd9bc390f456ab7a19cef30c374b435ddc55cda5651d0bb58d9c7d56
SHA512

f7a502aed75a1f02e0cbde46fec68fd200a9e0727c419c720701b4786038026371e97e28850118979f0d94d67774dbbc9cf8ba0dc18d76a6b3ded506257d77be
SSDEEP

12288:CSCj+AKS8v0s4KZXc3ajG+hjQKymY8efKCpD7Gj9G6G1qT8nQkCu83L3Wl/np9DX:CSCj+/S8v0s4KZsqjnhMgeiCl7G0nehk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
397d10a5dd9bc390f456ab7a19cef30c374b435ddc55cda5651d0bb58d9c7d56N

Files

397d10a5dd9bc390f456ab7a19cef30c374b435ddc55cda5651d0bb58d9c7d56N
.exe windows:4 windows x86 arch:x86

d48a0bf6f4d06b2e4b41dadcac250409

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__getmainargs
__initenv
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_close
_errno
_execlp
_execvp
_fdopen
_fileno
_fmode
_initterm
_iob
_isatty
_lock
_onexit
_open
_putenv
_read
_sopen
_strdup
_unlock
_vsnprintf
abort
atoi
calloc
exit
fclose
fgets
fopen
fprintf
fputc
fread
free
fwrite
getenv
malloc
memcmp
memset
memcpy
printf
putchar
puts
rand
realloc
setlocale
signal
sprintf
sscanf
strchr
strcmp
strcpy
strlen
strncmp
strrchr
system
vfprintf

libice-6

IceConnectionNumber
IceProcessMessages

libsm-6

SmcCloseConnection
SmcGetIceConnection
SmcOpenConnection
SmcRequestSaveYourselfPhase2
SmcSaveYourselfDone
SmcSetProperties

libx11-6

XAddToSaveSet
XAllocColor
XAllocNamedColor
XBell
XChangeGC
XChangeProperty
XChangeWindowAttributes
XCheckIfEvent
XCheckMaskEvent
XCheckTypedWindowEvent
XCirculateSubwindowsDown
XCirculateSubwindowsUp
XClearArea
XCloseDisplay
XConfigureWindow
XCopyPlane
XCreateBitmapFromData
XCreateFontCursor
XCreateFontSet
XCreateGC
XCreatePixmap
XCreatePixmapCursor
XCreatePixmapFromBitmapData
XCreateSimpleWindow
XCreateWindow
XDefineCursor
XDeleteContext
XDestroyWindow
XDisplayName
XDrawImageString
XDrawLine
XDrawLines
XDrawRectangle
XDrawSegments
XDrawString
XExtentsOfFontSet
XFetchBytes
XFillRectangle
XFindContext
XFlush
XFontsOfFontSet
XFree
XFreeFont
XFreeFontSet
XFreeGC
XFreePixmap
XFreeStringList
XGetClassHint
XGetCommand
XGetGeometry
XGetRGBColormaps
XGetTextProperty
XGetTransientForHint
XGetWMColormapWindows
XGetWMHints
XGetWMIconName
XGetWMName
XGetWMNormalHints
XGetWMProtocols
XGetWindowAttributes
XGetWindowProperty
XGrabButton
XGrabKey
XGrabPointer
XGrabServer
XInstallColormap
XInternAtom
XInternAtoms
XKeysymToKeycode
XKillClient
XListProperties
XLoadQueryFont
XLookupColor
XLookupKeysym
XLowerWindow
XMapRaised
XMapSubwindows
XMapWindow
XMaskEvent
XMoveResizeWindow
XMoveWindow
XParseColor
XParseGeometry
XQueryColor
XQueryPointer
XQueryTree
XRaiseWindow
XReadBitmapFile
XRecolorCursor
XRemoveFromSaveSet
XReparentWindow
XResizeWindow
XSaveContext
XSelectInput
XSendEvent
XSetErrorHandler
XSetForeground
XSetInputFocus
XSetLineAttributes
XSetStandardProperties
XSetWindowBorder
XSetWindowBorderPixmap
XSetWindowBorderWidth
XStoreBytes
XStringToKeysym
XSupportsLocale
XSync
XTextWidth
XTranslateCoordinates
XUngrabKey
XUngrabPointer
XUngrabServer
XUnmapWindow
XWarpPointer
XmbDrawImageString
XmbDrawString
XmbTextExtents
XmbTextPropertyToTextList
XrmUniqueQuark

libxext-6

XShapeCombineMask
XShapeCombineRectangles
XShapeCombineShape
XShapeQueryExtension
XShapeQueryExtents
XShapeSelectInput
XSyncGetPriority
XSyncQueryExtension
XSyncSetPriority

libxmu-6

XmuCompareISOLatin1
XmuCopyISOLatin1Lowered
XmuDrawLogo
XmuLocateBitmapFile
XmuPrintDefaultErrorMessage

libxt-6

XtAppAddInput
XtAppAddSignal
XtAppNextEvent
XtCreateApplicationContext
XtDispatchEvent
XtOpenDisplay
XtRemoveInput
XtToolkitInitialize

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 568KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d48a0bf6f4d06b2e4b41dadcac250409

Headers

File Characteristics

Imports

kernel32

msvcrt

libice-6

libsm-6

libx11-6

libxext-6

libxmu-6

libxt-6

Sections

.text Size: 117KB - Virtual size: 116KB

.data Size: 2KB - Virtual size: 1KB

.rdata Size: 22KB - Virtual size: 21KB

/4 Size: 14KB - Virtual size: 14KB

.bss Size: - Virtual size: 10KB

.idata Size: 7KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 568KB - Virtual size: 572KB

.text
Size: 117KB - Virtual size: 116KB

.data
Size: 2KB - Virtual size: 1KB

.rdata
Size: 22KB - Virtual size: 21KB

/4
Size: 14KB - Virtual size: 14KB

.bss
Size: - Virtual size: 10KB

.idata
Size: 7KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 568KB - Virtual size: 572KB