90654cbb9c08e0b789fa2efea9628c1d316f3bf155d05508e06b20d1cc6b4427N

Sharing

Copy URL Twitter E-mail

General

Target

90654cbb9c08e0b789fa2efea9628c1d316f3bf155d05508e06b20d1cc6b4427N
Size

151KB
MD5

23848add9cf500f7c1fbd9688043daa0
SHA1

748fc876f48d38576544f484a3c1382e5bf716a9
SHA256

90654cbb9c08e0b789fa2efea9628c1d316f3bf155d05508e06b20d1cc6b4427
SHA512

c3162dd9b866cdf146d5eb6beedcc6445a56516e5146104bbeba857da298f6db8aaa31b52417b91c9421e8de4e31a0e47d4f34db521a0d6d17faf921854bdd3c
SSDEEP

3072:+qdmiJ/pOY/Q8MP2zjxsD42y/m+voXbVY0F1/gyd8kw7mj:WK/FvMP2JsDLyuY2bVvoydgq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90654cbb9c08e0b789fa2efea9628c1d316f3bf155d05508e06b20d1cc6b4427N

Files

90654cbb9c08e0b789fa2efea9628c1d316f3bf155d05508e06b20d1cc6b4427N
.exe windows:1 windows x86 arch:x86

afb240a587816a5e13e517ddb3746e05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatA
GetProcessHeap
SetEnvironmentVariableA
GlobalMemoryStatus
QueryPerformanceCounter
GetModuleHandleA
GetVersion
WriteConsoleW
lstrcmpA
lstrcmpiA
IsValidCodePage
Module32Next
LCMapStringA
Module32First
GetCommandLineA
InterlockedDecrement
DuplicateHandle
MultiByteToWideChar
SetErrorMode
GlobalLock
InterlockedExchange
GetStringTypeA
GlobalAddAtomA
SetHandleCount
FreeLibrary
FileTimeToLocalFileTime
GetLocaleInfoW
GetLastError
LocalAlloc
GlobalReAlloc
GetStartupInfoA

gdi32

RestoreDC
CreateSolidBrush
StartDocA
SelectClipRgn
DeleteDC
CreateFontIndirectA
CreateDIBSection
ExtTextOutA
Polyline
GetObjectA
SaveDC
LineTo
SetROP2
GetTextMetricsA
SelectObject
CreateRectRgnIndirect
GetDeviceCaps

msvcrt

_timezone
_wgetcwd
_chmod
_heapadd
_cwprintf
_mbsncmp
exit
_telli64
_initterm
_wspawnv
_exit
iswxdigit
__p__fmode
_acmdln
_wcsupr
_wcsnicmp
_wfindfirst
_controlfp
_vscprintf
_rotl
_putws
strcpy
_mbsnbcoll
iswgraph
memcpy
_except_handler3
_safe_fprem
__p__commode
_ismbcupper
_mktime64
_fileno
_mbsnbset
_ultow
__set_app_type
_futime
wcsncmp
__setusermatherr
_mbschr
bsearch
_XcptFilter
_adjust_fdiv
malloc
_chgsign
__getmainargs

user32

GetPropA
PostMessageA
TrackPopupMenuEx
SetTimer
InvalidateRect
DrawMenuBar
GetSysColor
SetFocus
DestroyIcon
EndPaint
wsprintfA
GetMenuItemCount
TrackPopupMenu
FillRect
FrameRect
IsZoomed
GetMessageA
SetUserObjectSecurity
RemoveMenu
GetParent
SetCapture
MoveWindow
TranslateMessage

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afb240a587816a5e13e517ddb3746e05

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

msvcrt

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 204KB

.rsrc Size: 117KB - Virtual size: 116KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 204KB

.rsrc
Size: 117KB - Virtual size: 116KB