13d3d12162477701a93b1aac900de8e42b877f9d91d1f2e83ccb899d2a31e78d

Sharing

Copy URL Twitter E-mail

General

Target

13d3d12162477701a93b1aac900de8e42b877f9d91d1f2e83ccb899d2a31e78d
Size

1.0MB
MD5

87f835de3b28b32345d9c9f635a43c29
SHA1

7d1cff7bb0afcf21f25ee3924b902342c8a98676
SHA256

13d3d12162477701a93b1aac900de8e42b877f9d91d1f2e83ccb899d2a31e78d
SHA512

dc6a729b19ab726ecfbaa7f9db7d80e4a8af2a31730286955884b49d2faddcd950a2c3c9dcd5facc201f875a7383a31103d8eaeaf25762e8b32346d461268ce6
SSDEEP

24576:Y3+KpPpskWocrc1HwThlT/nkLORdhOvzPz3LOvk9d1qC4YX:id9cruHwrvdRXOP7T1qCX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13d3d12162477701a93b1aac900de8e42b877f9d91d1f2e83ccb899d2a31e78d

Files

13d3d12162477701a93b1aac900de8e42b877f9d91d1f2e83ccb899d2a31e78d
.exe windows:6 windows x86

4bb18babb27ee29139869137fffaf161

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SystemTimeToFileTime
CreateProcessW
WideCharToMultiByte
LoadLibraryA
GetProcAddress
FreeLibrary
GetFileType
GetCurrentThreadId
GetModuleHandleA
GetLocalTime
GetCurrentProcessId
GetTickCount
GlobalMemoryStatus
FlushConsoleInputBuffer
DecodePointer
WriteConsoleW
HeapSize
MultiByteToWideChar
DuplicateHandle
GetFileAttributesW
FindClose
CreatePipe
WriteFile
GetStdHandle
GetCurrentProcess
GetFullPathNameW
FindNextFileW
SetLastError
SetHandleInformation
FindFirstFileW
ReadFile
CloseHandle
GetLastError
QueryPerformanceCounter
CreateMutexW
GetProcessHeap
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
ReadConsoleInputW
SetConsoleMode
HeapReAlloc
FlushFileBuffers
SetFilePointerEx
ReadConsoleW
SetEndOfFile
GetConsoleMode
SetStdHandle
GetCurrentDirectoryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateEventW
GetModuleHandleW
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
EncodePointer
SetConsoleCtrlHandler
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetConsoleCP
GetTimeZoneInformation
GetModuleFileNameW
GetCommandLineA
GetCommandLineW
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW

user32

GetUserObjectInformationW
MessageBoxA
GetProcessWindowStation

advapi32

RegisterEventSourceA
DeregisterEventSource
RegCloseKey
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
ReportEventA

ws2_32

select
ntohl
shutdown
listen
WSAStartup
getpeername
getsockname
send
socket
ntohs
bind
WSASetLastError
recvfrom
recv
getsockopt
htonl
htons
sendto
ioctlsocket
setsockopt
WSAGetLastError
closesocket
accept
__WSAFDIsSet
connect
inet_ntoa

Sections

.text
Size: 797KB - Virtual size: 797KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4bb18babb27ee29139869137fffaf161

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 797KB - Virtual size: 797KB

.rdata Size: 192KB - Virtual size: 192KB

.data Size: 17KB - Virtual size: 27KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 34KB - Virtual size: 33KB

.text
Size: 797KB - Virtual size: 797KB

.rdata
Size: 192KB - Virtual size: 192KB

.data
Size: 17KB - Virtual size: 27KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 34KB - Virtual size: 33KB