470ef77981c407d3fdfc001c245de8e979b7b5626fc4f5109eb7e826f5e1a5be

Sharing

Copy URL Twitter E-mail

General

Target

470ef77981c407d3fdfc001c245de8e979b7b5626fc4f5109eb7e826f5e1a5be
Size

92KB
MD5

9cd342df1b0209d1484e03e91415e704
SHA1

4866883d8a4b26c398ef2e44036ca26fc1d64c2e
SHA256

470ef77981c407d3fdfc001c245de8e979b7b5626fc4f5109eb7e826f5e1a5be
SHA512

2cfa1fc065ee8d0e7376da7f2c4b077bca3e6823899ae16bf76188c31d56d0e839e2be1d0b35e1dbb00f5a7c848dc6011a600e843a639892b58b86746272ce9d
SSDEEP

1536:lR1iT7dm4dbgRrCDyhX+/5U39JDsObadrUxhuG9tlnfMzfBzqt/5BzW:lHa7s4d8Rroqr3UO3husBfMzfBaBi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
470ef77981c407d3fdfc001c245de8e979b7b5626fc4f5109eb7e826f5e1a5be

Files

470ef77981c407d3fdfc001c245de8e979b7b5626fc4f5109eb7e826f5e1a5be
.exe windows:5 windows x86 arch:x86

8f9fd98d9b5a414527c0f397f39f79e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recv
connect
htons
inet_addr
socket
WSAStartup

user32

CreateWindowExA
RegisterClassA
DispatchMessageA
TranslateMessage
GetMessageA
SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx

kernel32

InitializeCriticalSectionAndSpinCount
CreateFileW
SetStdHandle
WriteConsoleW
CloseHandle
ReadFile
SetFilePointer
GetStringTypeW
MultiByteToWideChar
LCMapStringW
FlushFileBuffers
GetConsoleMode
VirtualAlloc
CreateThread
GetUserDefaultUILanguage
GetModuleHandleA
GetLastError
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapAlloc
HeapFree
IsProcessorFeaturePresent
EncodePointer
DecodePointer
RaiseException
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
Sleep
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryW
HeapReAlloc
GetConsoleCP

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f9fd98d9b5a414527c0f397f39f79e6

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

user32

kernel32

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 7KB - Virtual size: 7KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 5KB - Virtual size: 5KB