caa97aa69470d4e00f46cf3cb913ed0396cb3bf61f0c300aaf0d184081e6e3ec

Sharing

Copy URL Twitter E-mail

General

Target

caa97aa69470d4e00f46cf3cb913ed0396cb3bf61f0c300aaf0d184081e6e3ec
Size

5.4MB
MD5

b5b265a96bd8d09361fe4dec6be76c08
SHA1

e8d7c010c5c98caee36b576882e586a536da046d
SHA256

caa97aa69470d4e00f46cf3cb913ed0396cb3bf61f0c300aaf0d184081e6e3ec
SHA512

47931fa23aef7b29c1f7a66efc72f511f377486542ff5ffc0f78fa88fb6e826b7d53f26d4771a5105f53a0935c4ed11920b477a6a17d542be9474eae7c080b36
SSDEEP

98304:Irq0cQaO0cx5799KLewOCLedWJUnzryM0jxL11tUb+2SsN4Jm6:cWQP0M79o6G0nyM0jxL11aPw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
caa97aa69470d4e00f46cf3cb913ed0396cb3bf61f0c300aaf0d184081e6e3ec

Files

caa97aa69470d4e00f46cf3cb913ed0396cb3bf61f0c300aaf0d184081e6e3ec
.exe windows:5 windows x86

d947d2597d6d5cfc80c6e1fca391e6e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 kernel32

GetEnvironmentStrings ��U

kernel32

OutputDebugStringA
TerminateProcess
GetCurrentProcess
Sleep
CreateThread
CloseHandle
ReadFile
SetFilePointer
CreateFileA
WinExec
lstrcatA
GetModuleFileNameA
GetCommandLineA
VirtualAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualQueryEx
ReadProcessMemory
GetThreadContext
CreateProcessA
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualProtectEx
VirtualFree
GetModuleHandleA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP

user32

MessageBoxA
wvsprintfA

ws2_32

WSACleanup

Sections

.text
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.K2LDnxw
Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.K2LDnxw
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.K2LDnxw
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.K2LDnxw
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d947d2597d6d5cfc80c6e1fca391e6e0

Headers

File Characteristics

Imports

kernel32 kernel32

kernel32

user32

ws2_32

Sections

.text Size: 4.8MB - Virtual size: 4.8MB

.K2LDnxw Size: 544KB - Virtual size: 544KB

.K2LDnxw Size: 16KB - Virtual size: 16KB

.K2LDnxw Size: 8KB - Virtual size: 8KB

.K2LDnxw Size: 4KB - Virtual size: 4KB

.text
Size: 4.8MB - Virtual size: 4.8MB

.K2LDnxw
Size: 544KB - Virtual size: 544KB

.K2LDnxw
Size: 16KB - Virtual size: 16KB

.K2LDnxw
Size: 8KB - Virtual size: 8KB

.K2LDnxw
Size: 4KB - Virtual size: 4KB