93EADEA625787E16FFB2531952DCE8D8[.]exe

General

Target

93EADEA625787E16FFB2531952DCE8D8.exe
Size

108KB
MD5

93eadea625787e16ffb2531952dce8d8
SHA1

cdb55089deeb5c9c0c5a465e2b1d6a1aaa0db770
SHA256

91853e0562fb94a05fcfeaf9287b7ec46d5a8d341b8247871a7d125a7d78509d
SHA512

cfa74855b78e46f18eaa7715b46aa63c0c187ee0b4707ed2adec4441d8fd187f77de322134afcaec64e7510f56ae23f10eeb1914545ce076cdec9d2ab19a49f4
SSDEEP

1536:vkZMwv1oN0h2GTbWJDw84kxb4i6SmtlghpjzBKeXFiT4oQn007w:vk6HN0hp/WRwiNiLgv9RXFS4oQ00

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93EADEA625787E16FFB2531952DCE8D8.exe

Files

93EADEA625787E16FFB2531952DCE8D8.exe
.exe windows x86

7d9ed02d9225114e820e705bfb27478d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
WaitForSingleObject
CreateProcessA
GetEnvironmentVariableA
ReadFile
SetConsoleMode
GetConsoleMode
GetFileType
WriteFile
GetStdHandle
MultiByteToWideChar
GetStringTypeA
GetCurrentProcessId
SetFileAttributesA
GetTimeZoneInformation
GetFileInformationByHandle
SetCurrentDirectoryA
PeekNamedPipe
GetCurrentDirectoryA
DeleteFileA
GetFullPathNameA
GetDriveTypeA
FileTimeToLocalFileTime
FindFirstFileA
FindClose
LCMapStringW
FileTimeToSystemTime
GetFileAttributesA
SetEndOfFile
LCMapStringA
SetEnvironmentVariableA
GetOEMCP
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetLastError
SetConsoleCtrlHandler
DuplicateHandle
HeapAlloc
GetCommandLineA
GetVersion
FlushFileBuffers
SetHandleCount
GetStartupInfoA
HeapDestroy
CloseHandle
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
LoadLibraryA
GetStringTypeW
RtlUnwind
SetFilePointer
UnhandledExceptionFilter
SetStdHandle
CreatePipe
GetExitCodeProcess
GetProcAddress
GetModuleHandleA
GetEnvironmentStringsW
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
CreateFileA
GetCPInfo
CompareStringA
CompareStringW
GetACP

wsock32

WSAStartup
gethostname
shutdown
bind
getservbyname
accept
ioctlsocket
listen
__WSAFDIsSet
connect
gethostbyname
socket
closesocket
inet_addr
getsockname
send
setsockopt
WSAGetLastError
htons
recv
select

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7d9ed02d9225114e820e705bfb27478d

Headers

File Characteristics

Imports

kernel32

wsock32

Sections

.text Size: 80KB - Virtual size: 80KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 32KB

.text
Size: 80KB - Virtual size: 80KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 32KB