d23582155a8c0a274ce2243c46a600fbfd82115dbe2d1a189335b0139b270acf

Sharing

Copy URL Twitter E-mail

General

Target

d23582155a8c0a274ce2243c46a600fbfd82115dbe2d1a189335b0139b270acf
Size

88KB
MD5

11788fb67fcb6ef20041bfb740fc0cdf
SHA1

ff7ecfbb16a2c12d3908d939d7eb0902346775c8
SHA256

d23582155a8c0a274ce2243c46a600fbfd82115dbe2d1a189335b0139b270acf
SHA512

e2f03eefb3dc1c9a1d3a695df049c04d8ed43c7032bc0d68bc6e3cb79372c00afe617c897a4438bda3fd611e69bc6530b0e9e6ab639dfd887fd51d273f284fbb
SSDEEP

1536:CR46qRFsLbO9hCF9idW2aS5KER+gC5PqKTWj8OKBPzCzz8lbfDp+LmoN:YLbT9EqRG0dTp7p+yo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d23582155a8c0a274ce2243c46a600fbfd82115dbe2d1a189335b0139b270acf

Files

d23582155a8c0a274ce2243c46a600fbfd82115dbe2d1a189335b0139b270acf
.exe windows x86

4a51da3c21fcda484b314b3e5f52691b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
LeaveCriticalSection
LocalUnlock
LocalLock
EnterCriticalSection
LocalAlloc
DeleteCriticalSection
WaitForMultipleObjects
CreateThread
LocalFree
InitializeCriticalSection
GetWindowsDirectoryA
GetVersionExA
GlobalFree
CreateEventA
Sleep
lstrcpynA
CreateMutexA
GetProcAddress
LoadLibraryA
CopyFileA
GetCurrentDirectoryA
GetSystemDirectoryA
lstrcmpiA
CreateFileA
lstrlenA
lstrcatA
CloseHandle
DeviceIoControl
GetLastError
ResetEvent
GlobalAlloc
GetSystemTime
GetCommandLineA
GetVersion
GetEnvironmentStringsW
GetTimeZoneInformation
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
GetCurrentThreadId
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
InterlockedIncrement
GetFileType
GetStartupInfoA
InterlockedDecrement
WriteFile
SetHandleCount
RtlUnwind
GetLocalTime
HeapFree
HeapAlloc
ResumeThread
TlsSetValue
ExitThread
DeleteFileA
GetModuleHandleA
GetEnvironmentVariableA
GetStdHandle
ExitProcess
ReadFile
SetFilePointer
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc

user32

SetDlgItemTextA
EndDialog
PostMessageA
wsprintfA
DestroyIcon
LoadImageA
DialogBoxParamA
MessageBoxA
SetForegroundWindow
KillTimer
SetTimer
FindWindowA
SendMessageA
ShowWindow

advapi32

RegSetValueExA
RegCreateKeyA
RegSetValueA
RegDeleteValueA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
RegDeleteKeyA

shell32

Shell_NotifyIconA

wsock32

listen
htonl
getsockname
recv
WSAStartup
WSACleanup
inet_ntoa
recvfrom
socket
bind
closesocket
setsockopt
htons
sendto
send
WSAGetLastError
gethostname
gethostbyname
accept

netapi32

Netbios

winmm

timeSetEvent
timeKillEvent

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4a51da3c21fcda484b314b3e5f52691b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wsock32

netapi32

winmm

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 4KB - Virtual size: 4KB