c15954fdf792a0db30046a4b942c62fb356d5e6e3803149c02ff3c8741d64786

Sharing

Copy URL Twitter E-mail

General

Target

c15954fdf792a0db30046a4b942c62fb356d5e6e3803149c02ff3c8741d64786
Size

233KB
MD5

5b7d97522d4035c4f4f4f5d92f3df931
SHA1

c4dd75afa16fd91631524a6444ddbf770af807ec
SHA256

c15954fdf792a0db30046a4b942c62fb356d5e6e3803149c02ff3c8741d64786
SHA512

9f47cd34bd938152a7a741bb8b8bbe48e3e18365345ae02a7753149c94a0c7fa3c4abeb4606f6285c3b473dbb32f4bd88436f7fe0b45664a1deaab73cd254bbf
SSDEEP

3072:ljBsj3J6/qxxxSuAk7GSnvT4Wak7GSnvT4WpZQNShYEtWN:u3vP/HkqHkrrB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c15954fdf792a0db30046a4b942c62fb356d5e6e3803149c02ff3c8741d64786

Files

c15954fdf792a0db30046a4b942c62fb356d5e6e3803149c02ff3c8741d64786
.exe windows x86

9537187bfdb9a7cb2dfe183886ddfbf2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateEventA
CreateThread
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FreeLibrary
GetConsoleWindow
GetCurrentProcess
GetCurrentThread
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetThreadContext
HeapAlloc
HeapFree
InitializeCriticalSection
IsBadReadPtr
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
ResumeThread
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SuspendThread
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__getmainargs
__initenv
__mb_cur_max
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_close
_errno
_initterm
_iob
_lock
_onexit
_open
_stricmp
_unlock
_write
abort
atoi
calloc
exit
fprintf
fputc
free
fwrite
localeconv
malloc
memcpy
memset
perror
realloc
setlocale
signal
strchr
strcmp
strerror
strlen
strncmp
strstr
strtoul
vfprintf
wcslen

shell32

ShellExecuteExA

user32

MessageBoxA
ShowWindow

ws2_32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
recv
send
socket

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 1024B - Virtual size: 841B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 1024B - Virtual size: 951B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/91
Size: 1024B - Virtual size: 759B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/107
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/123
Size: 512B - Virtual size: 59B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9537187bfdb9a7cb2dfe183886ddfbf2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

shell32

user32

ws2_32

Sections

.text Size: 37KB - Virtual size: 37KB

.data Size: 512B - Virtual size: 224B

.rdata Size: 6KB - Virtual size: 5KB

/4 Size: 6KB - Virtual size: 5KB

.bss Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 118KB - Virtual size: 120KB

.reloc Size: 1KB - Virtual size: 1KB

/14 Size: 512B - Virtual size: 120B

/29 Size: 6KB - Virtual size: 5KB

/41 Size: 1024B - Virtual size: 841B

/55 Size: 1024B - Virtual size: 951B

/67 Size: 512B - Virtual size: 56B

/80 Size: 512B - Virtual size: 115B

/91 Size: 1024B - Virtual size: 759B

/107 Size: 2KB - Virtual size: 2KB

/123 Size: 512B - Virtual size: 59B

.text
Size: 37KB - Virtual size: 37KB

.data
Size: 512B - Virtual size: 224B

.rdata
Size: 6KB - Virtual size: 5KB

/4
Size: 6KB - Virtual size: 5KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 118KB - Virtual size: 120KB

.reloc
Size: 1KB - Virtual size: 1KB

/14
Size: 512B - Virtual size: 120B

/29
Size: 6KB - Virtual size: 5KB

/41
Size: 1024B - Virtual size: 841B

/55
Size: 1024B - Virtual size: 951B

/67
Size: 512B - Virtual size: 56B

/80
Size: 512B - Virtual size: 115B

/91
Size: 1024B - Virtual size: 759B

/107
Size: 2KB - Virtual size: 2KB

/123
Size: 512B - Virtual size: 59B