Static task
static1
Behavioral task
behavioral1
Sample
261bf660a01d4d2f1dfe51e2234d07598f40e3c2f5d1f330f338efae3487c689.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
261bf660a01d4d2f1dfe51e2234d07598f40e3c2f5d1f330f338efae3487c689.exe
Resource
win10v2004-20230220-en
General
-
Target
261bf660a01d4d2f1dfe51e2234d07598f40e3c2f5d1f330f338efae3487c689
-
Size
29KB
-
MD5
f6a56bf8bc4e136785f72302cb05904d
-
SHA1
e9f3b5f8f339e3b6430ef6ad64ccfa1c5480acd3
-
SHA256
261bf660a01d4d2f1dfe51e2234d07598f40e3c2f5d1f330f338efae3487c689
-
SHA512
9370df13e5946170918ec25e9b245a8df71ac51226a1c5f427416c3274df6efe3fc443844088d374721ee062d639eb050e342e340b553818406e8294f6e23a0c
-
SSDEEP
384:k00jeomCTQcrR5pdoOJCx1adyadGj53XbFdE8YH6F7QqZnnqmrBP:kj7VrR/dQT1FO8YH6F0Mbr
Malware Config
Signatures
-
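Unsigned PE (1 IoC)
The PE file has no Authenticode signature, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator, since many benign binaries are also unsigned.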
resource 261bf660a01d4d2f1dfe51e2234d07598f40e3c2f5d1f330f338efae3487c689
Files
-
261bf660a01d4d2f1dfe51e2234d07598f40e3c2f5d1f330f338efae3487c689.exe windows x86
31b9880b5bc074595c8dc3a2f955d556
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
GetTickCount
GetVersionExA
Sleep
EnterCriticalSection
lstrcpynA
GetComputerNameA
DeleteCriticalSection
FreeLibrary
InitializeCriticalSection
LoadLibraryA
LeaveCriticalSection
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetProcAddress
GetModuleHandleA
GetStartupInfoA
user32
wsprintfW
SetDlgItemInt
SendDlgItemMessageA
PostMessageA
GetFocus
GetDlgItemTextA
EnableWindow
GetDlgItem
SetWindowTextA
PeekMessageA
TranslateMessage
DispatchMessageA
GetMessagePos
ScreenToClient
LoadBitmapA
UnregisterClassA
SetFocus
EndDialog
wsprintfA
GetSysColor
DialogBoxParamA
GetClassInfoExA
LoadIconA
RegisterClassExA
SendMessageA
SetDlgItemTextA
gdi32
DeleteObject
SetTextColor
CreateFontIndirectA
CreateSolidBrush
SetBkColor
shell32
ShellExecuteA
ws2_32
WSAAsyncGetHostByName
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
WSAEventSelect
htons
connect
WSACloseEvent
closesocket
socket
gethostbyaddr
WSAAsyncGetHostByAddr
WSAGetLastError
gethostname
ntohl
htonl
inet_ntoa
inet_addr
gethostbyname
WSACleanup
WSACreateEvent
WSAStartup
comctl32
InitCommonControlsEx
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
msvcrt
_controlfp
_except_handler3
??2@YAPAXI@Z
??3@YAXPAX@Z
strchr
_beginthreadex
fprintf
_iob
vsprintf
printf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__set_app_type
__p__fmode
strtok
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
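.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Note: both .text and .rsrc are flagged readable, writable and executable, and .rsrc accounts for 16KB of the 29KB file. Writable-and-executable sections are unusual for standard compiler output and often indicate a packed or self-modifying binary, so the static import list above may not reflect everything the sample does at run time.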