22daff7d965b8869d1c7cd9e71e7ee76066c63f103a3935570f637f9e7b1b54eN

General

Target

22daff7d965b8869d1c7cd9e71e7ee76066c63f103a3935570f637f9e7b1b54eN
Size

760KB
MD5

f528e2483cb03fb37c43a35cf00b5540
SHA1

94f91ff658cde3ec2b2a1fdd411c8a674226ce44
SHA256

22daff7d965b8869d1c7cd9e71e7ee76066c63f103a3935570f637f9e7b1b54e
SHA512

cb326c0cc66e00d552deb34df99618e2c2d5d3dfb33bd1914ce5bceb912d6c9669e46919a57ba5ef1e69e2a7146a735d1ff6bc53ddb1cd95468883b00fb91566
SSDEEP

12288:1yTw2tFes/xvL76lcDq8eP+KStLyHrMt8P1lG4kUrlEX:18w4h5v8t9+KStLON1DOX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22daff7d965b8869d1c7cd9e71e7ee76066c63f103a3935570f637f9e7b1b54eN

Files

22daff7d965b8869d1c7cd9e71e7ee76066c63f103a3935570f637f9e7b1b54eN
.exe windows:5 windows x86 arch:x86

311ca0ce0f4725c0f2a55214c60b26b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

VirtualAlloc

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathRemoveExtensionW

wininet

FtpCommandA

msvcrt

isupper
_itow
wcscat
wcslen
_except_handler3
_ultoa
__dllonexit
sprintf
_onexit
_wcsnicmp
_wcsicmp
qsort
wcscpy
memmove
atol
strncmp
isdigit
malloc
_ltow
wcschr
free
strncpy
isxdigit
_adjust_fdiv
_ltoa
_snwprintf

shell32

SHGetFileInfoW
Shell_NotifyIconW

ws2_32

WSAGetLastError

rpcrt4

RpcImpersonateClient
NdrClientCall2
RpcRevertToSelf
RpcBindingFromStringBindingW

Sections

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 718KB - Virtual size: 718KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

311ca0ce0f4725c0f2a55214c60b26b1

Headers

DLL Characteristics

File Characteristics

Imports

oleacc

kernel32

shlwapi

wininet

msvcrt

shell32

ws2_32

rpcrt4

Sections

.rsrc Size: 23KB - Virtual size: 23KB

.data Size: 7KB - Virtual size: 2.0MB

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 718KB - Virtual size: 718KB

.reloc Size: 512B - Virtual size: 20B

.rsrc
Size: 23KB - Virtual size: 23KB

.data
Size: 7KB - Virtual size: 2.0MB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 718KB - Virtual size: 718KB

.reloc
Size: 512B - Virtual size: 20B