0541e0e6a00687666caf33feb98a36333d84f87b47f5097c79c1d0c80ec5e7b8

Sharing

Copy URL Twitter E-mail

General

Target

0541e0e6a00687666caf33feb98a36333d84f87b47f5097c79c1d0c80ec5e7b8
Size

858KB
MD5

022159c3d3cb0d4815e72343f3c5aab4
SHA1

9cb6108bc765b182b3b50f60482f055c2dacc010
SHA256

0541e0e6a00687666caf33feb98a36333d84f87b47f5097c79c1d0c80ec5e7b8
SHA512

444fd4401c412c54e250f9e54861e57a06f0b0ab82601ca798593e58b0d8ce615ddb152899d611ac1183b2d39d5ba3e2d57d46ee9d7b3621778ca165b68c316a
SSDEEP

3072:Moh78AZ1FvUsGR1EUxAo+pOkCpC2Q12FKLs7S3x6lNyyvFutKgnBvEf:M+Jo15Ao+pOfu2FKwu3UbFuDEf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0541e0e6a00687666caf33feb98a36333d84f87b47f5097c79c1d0c80ec5e7b8

Files

0541e0e6a00687666caf33feb98a36333d84f87b47f5097c79c1d0c80ec5e7b8
.exe windows:5 windows x86 arch:x86

a76d13408edbcbe22f061bfdcb87055b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\VS2008\HansAdvInterfaceTest_20240125\HansAdvInterfaceTest\Debug HLM\HansAdvInterfaceTest_D.pdb

Imports

hansadvinterfaceu_d

ord69
ord2
ord7
ord51
ord25
ord161
ord38
ord3
ord5
ord9
ord16
ord21
ord19
ord41
ord42
ord22
ord132
ord10
ord11
ord139
ord13
ord131
ord130
ord136
ord133
ord113
ord112
ord147
ord39
ord8
ord111
ord106
ord40
ord92
ord137
ord149
ord150
ord160
ord162
ord17
ord12

mfc90ud

ord3569
ord3574
ord3557
ord3559
ord3561
ord3555
ord3571
ord3551
ord1229
ord1225
ord1227
ord1223
ord1218
ord7642
ord7644
ord8868
ord2307
ord6487
ord7015
ord5197
ord1900
ord3245
ord7593
ord6377
ord9365
ord7420
ord2701
ord7538
ord6446
ord2032
ord5987
ord2336
ord2339
ord8780
ord4659
ord2250
ord2251
ord2410
ord2411
ord6816
ord7203
ord7029
ord6407
ord7569
ord2849
ord3462
ord302
ord292
ord1476
ord1561
ord269
ord6142
ord365
ord677
ord2549
ord2552
ord3553
ord2564
ord2672
ord2677
ord2684
ord2565
ord784
ord8488
ord1375
ord8595
ord4008
ord2475
ord446
ord9110
ord2022
ord8633
ord1133
ord1733
ord5948
ord6158
ord5199
ord7280
ord7044
ord872
ord2942
ord3761
ord8266
ord5062
ord598
ord5990
ord9320
ord3251
ord8083
ord5849
ord963
ord1905
ord8530
ord961
ord3890
ord7954
ord3686
ord6268
ord1189
ord1186
ord286
ord8432
ord937
ord4640
ord3231
ord4005
ord5646
ord2718
ord8493
ord4155
ord4359
ord4734
ord779
ord2864
ord440
ord2743
ord4354
ord3895
ord9017
ord702
ord296
ord1135
ord316
ord5941
ord6932
ord6929
ord6895
ord6897
ord7294
ord6090
ord3845
ord9073
ord6458
ord6886
ord6889
ord8200
ord5668
ord3687
ord2170
ord6216
ord8145
ord4426
ord8111
ord2174
ord291
ord4477
ord9152
ord2166
ord916
ord674
ord3632
ord7996
ord1253
ord8007
ord3576
ord3564
ord3546
ord3548
ord3566
ord3256
ord3243
ord2209
ord9367
ord5739
ord9369
ord5071
ord7299
ord8730
ord4493
ord1968
ord7562
ord2782
ord2385
ord2384
ord2306
ord7590
ord4348
ord6712
ord6466
ord3033
ord1769
ord4899
ord406
ord5487
ord701
ord728
ord919
ord753
ord5779
ord1453
ord8902
ord2863
ord930
ord950
ord6164
ord6121
ord9366
ord5738
ord9368
ord6537
ord2906
ord2861
ord8169
ord5747
ord1389
ord7462
ord9297
ord7868
ord5781
ord2716
ord4474
ord7626
ord7628
ord3337
ord5991
ord6804
ord7638
ord7603
ord8152
ord3804
ord4122
ord4320
ord6518
ord4097
ord4323
ord3807
ord3996
ord3796
ord5598
ord5599
ord5589
ord3994
ord5994
ord6707
ord6465
ord3140
ord1857
ord8287
ord5054
ord690
ord6772
ord5530
ord943
ord2665
ord1663
ord1408
ord1503

msvcr90d

_unlock
wcscpy
wcslen
memset
wcsrchr
_itoa
fabs
vswprintf_s
??_V@YAXPAX@Z
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_invoke_watson
_controlfp_s
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
__CxxFrameHandler3
_CRT_RTC_INITW
_initterm_e
_initterm
_CrtDbgReportW
_CrtSetCheckCount
_wcmdln
exit
_cexit
_XcptFilter
_exit
__wgetmainargs
_amsg_exit

kernel32

GetPrivateProfileStringW
GetPrivateProfileIntW
Sleep
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoW
SetUnhandledExceptionFilter
QueryPerformanceCounter
MulDiv
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
WritePrivateProfileStringW
GetSystemTimeAsFileTime
IsDebuggerPresent
RaiseException
FreeLibrary
VirtualQuery
GetProcessHeap
HeapAlloc
HeapFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LoadLibraryA
GetProcAddress
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
DebugBreak

user32

OffsetRect
InflateRect
EqualRect
IntersectRect
SetRect
PtInRect
IsRectEmpty
CopyRect
SetRectEmpty
UnionRect
GetKeyState
GetSystemMetrics
SubtractRect

comctl32

InitCommonControlsEx

oleaut32

SysFreeString

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 536KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a76d13408edbcbe22f061bfdcb87055b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

hansadvinterfaceu_d

mfc90ud

msvcr90d

kernel32

user32

comctl32

oleaut32

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 81KB - Virtual size: 81KB

.rdata Size: 19KB - Virtual size: 19KB

.data Size: 1024B - Virtual size: 2KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 212KB - Virtual size: 211KB

.reloc Size: 536KB - Virtual size: 540KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 81KB - Virtual size: 81KB

.rdata
Size: 19KB - Virtual size: 19KB

.data
Size: 1024B - Virtual size: 2KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 212KB - Virtual size: 211KB

.reloc
Size: 536KB - Virtual size: 540KB