b9655ff4509fdce704f15d907407818f4b9f8643579c7e879b00a3eabc4bfb58

Sharing

Copy URL

Twitter E-mail

General

Target

b9655ff4509fdce704f15d907407818f4b9f8643579c7e879b00a3eabc4bfb58
Size

18KB
MD5

cba5f419ae790dac027a6a523c9693a8
SHA1

215b9d41f7483976b81073f4a3045a939bc241b3
SHA256

b9655ff4509fdce704f15d907407818f4b9f8643579c7e879b00a3eabc4bfb58
SHA512

b815bb37aae114321211f2e7c0b1534ef76b8df305805046dee122e47bf7d22613c68a30b5241bb992dd2371fdf6845afb787d15ae009fa89b618cf6952ed5ba
SSDEEP

384:vonGzvukA+HKcd2t2ZlxyQ/3xUB7niMf+SHTIPGF+Qr52:mcd2t2Z7t3ynuSzI+F+Qr52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9655ff4509fdce704f15d907407818f4b9f8643579c7e879b00a3eabc4bfb58

Files

b9655ff4509fdce704f15d907407818f4b9f8643579c7e879b00a3eabc4bfb58
.exe windows x86

a1d1aeefc3777639c289211ee766c3c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSection
DeleteCriticalSection
GetLastError
GetPrivateProfileIntA
GetLocalTime
GetModuleFileNameA
GetCommandLineA
GetModuleHandleA
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapSetInformation
InterlockedCompareExchange
DecodePointer
InterlockedExchange
EncodePointer

advapi32

QueryServiceStatus
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
DeleteService
CreateServiceA
StartServiceA
ControlService
OpenSCManagerA
OpenServiceA
CloseServiceHandle

mfc100

ord888
ord1448
ord1313
ord4283
ord1288
ord2087
ord316
ord901
ord310
ord1296
ord11627
ord1485

msvcr100

__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
exit
?terminate@@YAXXZ
_crt_debugger_hook
_except_handler4_common
_invoke_watson
_controlfp_s
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_onexit
_lock
__dllonexit
memset
_stricmp
printf
fopen
fprintf
__set_app_type
fclose
_splitpath
__CxxFrameHandler3
_unlock

msvcp100

?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?width@ios_base@std@@QAE_J_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?uncaught_exception@std@@YA_NXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?good@ios_base@std@@QBE_NXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

ws2_32

WSAStartup

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1d1aeefc3777639c289211ee766c3c9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

mfc100

msvcr100

msvcp100

ws2_32

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB