3d09c3c2cdff44caaa9a40092eced7b69708ff4538aa11edb319a9a657406fda

Sharing

Copy URL

Twitter E-mail

General

Target

3d09c3c2cdff44caaa9a40092eced7b69708ff4538aa11edb319a9a657406fda
Size

98KB
MD5

89a3b4e69e0daf05e8877a50f5b065c4
SHA1

6393280644b1e9d9b8a14762acebdc3de758481f
SHA256

3d09c3c2cdff44caaa9a40092eced7b69708ff4538aa11edb319a9a657406fda
SHA512

737854155ae4be29274b4bdad00af1242e9cb9e6bd35a847f0f77c492e468b9d3554e6e6d47a133fad529ea2d3aa57e507c0872f3d1cc84145b8318b785fbb4a
SSDEEP

384:oqe+eOtEpdKeZ+nUm6y+eyclswj4wazFYk1eHnHLIIu1NdNPi/UDyWj60sbqoIxC:ouraTm6y/lswGhYcenM1NdNeQWbvwV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d09c3c2cdff44caaa9a40092eced7b69708ff4538aa11edb319a9a657406fda

Files

3d09c3c2cdff44caaa9a40092eced7b69708ff4538aa11edb319a9a657406fda
.exe windows x64

77fa2f3cd9dbbcfa19b853a8be7c00bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateProcessA
DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
GetEnvironmentVariableA
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_errno
_fmode
_initterm
_lock
_onexit
_unlock
abort
atoi
calloc
exit
fprintf
fputc
fputs
free
localeconv
malloc
memset
signal
strcpy
strerror
strlen
strncmp
vfprintf
wcslen

ws2_32

WSAConnect
WSASocketA

wsock32

WSAStartup
htons
inet_addr

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77fa2f3cd9dbbcfa19b853a8be7c00bd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ws2_32

wsock32

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 240B

.rdata Size: 3KB - Virtual size: 3KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 512B - Virtual size: 132B

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 240B

.rdata
Size: 3KB - Virtual size: 3KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 512B - Virtual size: 132B