7330e43851b893d8526975e0c1d8ed75fd6eb2e1f07a1e2ff343e70a9286bf0d

Sharing

Copy URL Twitter E-mail

General

Target

7330e43851b893d8526975e0c1d8ed75fd6eb2e1f07a1e2ff343e70a9286bf0d
Size

378KB
MD5

6c5f70bf909779cb99a6ac1eb6b6fd6f
SHA1

bc8bf59888d61cb58f8b0f6d53a1f99842d8e8b8
SHA256

7330e43851b893d8526975e0c1d8ed75fd6eb2e1f07a1e2ff343e70a9286bf0d
SHA512

32adc1e0f58972b5f79b7ff5adb77367ac2527538596789c583e8c4278c5f5131693112a207100a43a5d40878f48ece940b8484be20809d92e05788080f4a979
SSDEEP

6144:TL5QR7O5isn97FO3RdVlPv1lnRaqZ9sguohfzxePKfFvBR3UffX/hRUXAO93LkOZ:TqtO5iQFcbVlvxuohfWEFZCfX/gAO975

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7330e43851b893d8526975e0c1d8ed75fd6eb2e1f07a1e2ff343e70a9286bf0d

Files

7330e43851b893d8526975e0c1d8ed75fd6eb2e1f07a1e2ff343e70a9286bf0d
.exe windows x86

0e3ad7de655635ba2252215357fe3075

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
GetModuleHandleA
QueryPerformanceFrequency
GetEnvironmentVariableA
MoveFileExA
Sleep
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
GetLastError
SetLastError
SleepEx
LeaveCriticalSection
CloseHandle
VerSetConditionMask
VerifyVersionInfoW
CompareStringW
CreateFileW
GetDriveTypeW
GetStringTypeW
LCMapStringW
WriteConsoleW
HeapSize
LoadLibraryW
InitializeCriticalSection
GetTickCount
QueryPerformanceCounter
GetTempPathA
FindClose
FindFirstFileA
CreateDirectoryA
GlobalUnlock
GlobalLock
WaitForSingleObject
GlobalSize
GetTimeZoneInformation
RtlUnwind
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
GetFullPathNameA
GetProcessHeap
SetEndOfFile
SetStdHandle
FlushFileBuffers
IsProcessorFeaturePresent
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapFree
HeapAlloc
DeleteFileA
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
GetFileType
CreateFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
GetFileAttributesA
ExitThread
GetCurrentThreadId
CreateThread
GetTimeFormatA
GetDateFormatA
RaiseException
ReadFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
EncodePointer
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW

user32

AddClipboardFormatListener
DispatchMessageA
DefWindowProcA
CreateWindowExA
RemoveClipboardFormatListener
GetClipboardData
SetWindowLongA
TranslateMessage
SetTimer
CloseClipboard
GetMessageA
OpenClipboard

advapi32

CryptEncrypt
CryptImportKey
CryptHashData
CryptDestroyHash
CryptCreateHash
CryptGetHashParam
CryptGenRandom
CryptAcquireContextA
CryptReleaseContext
CryptDestroyKey

ws2_32

select
__WSAFDIsSet
htonl
htons
WSACleanup
WSAGetLastError
closesocket
ntohs
WSASetLastError
setsockopt
WSAEnumNetworkEvents
WSAEventSelect
WSACreateEvent
WSAResetEvent
send
getsockopt
WSAWaitForMultipleEvents
WSAStartup
WSAIoctl
socket
bind
recv
getsockname
connect
getpeername
accept
listen
freeaddrinfo
ioctlsocket
WSACloseEvent
getaddrinfo

Sections

.text
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e3ad7de655635ba2252215357fe3075

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 310KB - Virtual size: 310KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 310KB - Virtual size: 310KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 15KB - Virtual size: 14KB