a76c8329c40ccdf30c254fd9f8c865da96a06dcd625001aa45aa840142e5b375

Sharing

Copy URL Twitter E-mail

General

Target

a76c8329c40ccdf30c254fd9f8c865da96a06dcd625001aa45aa840142e5b375
Size

944KB
MD5

a5d95dd45aa4a742f62bb96c3072c55b
SHA1

d457010fa370ddf329e822f62a402a52bfe429b9
SHA256

a76c8329c40ccdf30c254fd9f8c865da96a06dcd625001aa45aa840142e5b375
SHA512

90be29fb7a784f006aeadfb1ffb4c99d427b7f91f6b84b901f1494a132928bdbc0f84ac9255b036f546a14bd23c56ebf5a904f2678187e89bf0aa34028b05f77
SSDEEP

12288:OiJkng9LLXze+iGAI1UZq/HCCUwmKYkgQwwiwaCHy9V77Mr6cwrCfVZEYzVFRj7F:OiJkngBje+OI1UtDkgI7P3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a76c8329c40ccdf30c254fd9f8c865da96a06dcd625001aa45aa840142e5b375

Files

a76c8329c40ccdf30c254fd9f8c865da96a06dcd625001aa45aa840142e5b375
.dll windows x86

f5a9a2dd5a6ca29f3e7f62a618dcd547

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_ntoa
WSAStartup
WSACleanup
gethostbyname
getpeername
shutdown
closesocket
setsockopt
send
recv
getservbyname
ntohs
socket
WSAGetLastError
inet_addr
htons
connect

kernel32

SetEndOfFile
GetLocaleInfoW
SetStdHandle
LCMapStringW
LCMapStringA
CompareStringW
CompareStringA
LoadLibraryA
GetOEMCP
GetACP
SetFilePointer
FlushFileBuffers
GetStringTypeW
GetStringTypeA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
SetNamedPipeHandleState
GetCurrentDirectoryA
CreateFileA
GetLastError
UnmapViewOfFile
WaitForSingleObject
SetEvent
MapViewOfFile
OpenFileMappingA
OpenEventA
GetWindowsDirectoryA
ReadFile
WriteFile
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
InterlockedIncrement
CreateSemaphoreA
InterlockedDecrement
GetFullPathNameA
GetDriveTypeA
WaitNamedPipeA
WideCharToMultiByte
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
MultiByteToWideChar
Sleep
GetFileAttributesA
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
RtlUnwind
GetProcAddress
RaiseException
GetCurrentThreadId
SetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetEnvironmentVariableW
SetEnvironmentVariableA
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID

advapi32

RegEnumValueA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 736KB - Virtual size: 775KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f5a9a2dd5a6ca29f3e7f62a618dcd547

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

Sections

.text Size: 172KB - Virtual size: 169KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 736KB - Virtual size: 775KB

.rsrc Size: 4KB - Virtual size: 884B

.data Size: 16KB - Virtual size: 13KB

.text
Size: 172KB - Virtual size: 169KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 736KB - Virtual size: 775KB

.rsrc
Size: 4KB - Virtual size: 884B

.data
Size: 16KB - Virtual size: 13KB