79331cd9c2f9eb394845df58acb9ed2c3b8f221d6c8725afbc0ef6275f7f1a7b

Sharing

Copy URL Twitter E-mail

General

Target

79331cd9c2f9eb394845df58acb9ed2c3b8f221d6c8725afbc0ef6275f7f1a7b
Size

54KB
MD5

6addc005f55ee4af7ac1c3a2ac39768b
SHA1

72057f9ee287a5a25f860598a90e127cd8b4efc0
SHA256

79331cd9c2f9eb394845df58acb9ed2c3b8f221d6c8725afbc0ef6275f7f1a7b
SHA512

e990afae4f42bcca70861b6afad495001cba14067ca6911be15cd0c95bf81af6cebb2b3937a54f3e5f8b4522c7d26141cfb474248aa88b6eab729c7089ab7c79
SSDEEP

768:oBdTmvZTmJcDU4J+hOHpu2PLAaiyu0GZFnjwaiyahEzOj1:QdTohDU4J+hywFaRu0uw+zOj1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79331cd9c2f9eb394845df58acb9ed2c3b8f221d6c8725afbc0ef6275f7f1a7b

Files

79331cd9c2f9eb394845df58acb9ed2c3b8f221d6c8725afbc0ef6275f7f1a7b
.exe windows:5 windows x64

67fa796853e970ec5627a8015e02bed2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

htons
WSAGetLastError
WSACleanup
WSAStartup
getservbyport
gethostname
htonl

iphlpapi

GetUdpStatistics
GetTcpStatistics
GetIpStatistics
GetIfTable
GetIcmpStatistics
GetExtendedUdpTable
GetExtendedTcpTable

msvcrt

__lconv_init
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
memcpy
__C_specific_handler
_vsnwprintf
wcslen
memset
strncpy
strcpy
_wcsicmp
iswctype
towlower
_wsystem
swscanf
sprintf
signal

kernel32

QueryPerformanceCounter
GetModuleHandleA
LoadLibraryW
DeleteCriticalSection
GetLastError
TlsGetValue
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStartupInfoW
GetConsoleMode
LockResource
LoadResource
GetProcAddress
GetFileType
FindResourceExW
WriteConsoleW
GetConsoleOutputCP
WideCharToMultiByte
WriteFile
SetLastError
LocalFree
LeaveCriticalSection
FormatMessageW
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
Sleep
HeapFree
HeapAlloc
GetStdHandle
GetSystemTimeAsFileTime

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67fa796853e970ec5627a8015e02bed2

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

iphlpapi

msvcrt

kernel32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 704B

.pdata Size: 1024B - Virtual size: 624B

.rsrc Size: 31KB - Virtual size: 31KB

.reloc Size: 512B - Virtual size: 64B

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 704B

.pdata
Size: 1024B - Virtual size: 624B

.rsrc
Size: 31KB - Virtual size: 31KB

.reloc
Size: 512B - Virtual size: 64B