1a0b37cc23a54f7610a7d2b2997626fc

Sharing

Copy URL

Twitter E-mail

General

Target

1a0b37cc23a54f7610a7d2b2997626fc
Size

257KB
MD5

1a0b37cc23a54f7610a7d2b2997626fc
SHA1

4260945294092ee5520ad19f09f706e08c602857
SHA256

19cb7966952a1869a81dbbab429331964f1eaa1f4ed482f56f3d674f29ef1532
SHA512

1ad343e0aa316975fd130f98a6868587a7a9fdb2ad43fa364f86ed52520ffa64faaac86a3d153fafe21448fa15359f8e8c2b2c0c49ffc0376499ee0d6ef2cef3
SSDEEP

6144:tD9sntZ8cWJOcUz6QYO7fvxc0Im3oFmO797QwnE4hMt:NSt+cWJOBOVO7vrIU67dDE4hM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a0b37cc23a54f7610a7d2b2997626fc

Files

1a0b37cc23a54f7610a7d2b2997626fc
.exe windows:4 windows x86 arch:x86

2185d49a49bb7b59a0a13360c3f963c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadStringA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
GetTokenInformation
OpenThreadToken
GetUserNameA

kernel32

WaitForSingleObject
FindClose
GetFileSize
IsDebuggerPresent
FindFirstFileW
GetUserDefaultLCID
GetTempFileNameW
CreateThread
FreeLibrary
FormatMessageW
FindNextFileA
ReleaseMutex
GetSystemTimeAsFileTime
GetModuleHandleW
GetCurrentThreadId
FindNextFileW
CreateDirectoryA
CreateDirectoryW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LCMapStringA
GetCurrentDirectoryA
CloseHandle
GetTempPathW
GlobalFree
CreateMutexW
CreateFileW
GetSystemDirectoryA
LocalFree
FindFirstFileA
GetStringTypeExA
GetACP
VirtualAlloc

ws2_32

select
inet_addr
bind
getsockopt
__WSAFDIsSet
connect
recv
inet_ntoa
getsockname
closesocket
send
ioctlsocket
WSACleanup
accept
getservbyport
WSAGetLastError
WSAStartup
socket
htons
getservbyname
WSASetLastError
listen
gethostbyname
htonl
gethostbyaddr
ntohs

ole32

CoTaskMemFree

wininet

DetectAutoProxyUrl

iassvcs

IASUninitialize
IASSetMaxNumberOfThreads
IASReportEvent

dpnlobby

DirectPlay8LobbyCreate

Sections

.ZnjXKcl
Size: 2KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.SezVYa
Size: 512B - Virtual size: 14KB

IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.NYRXV
Size: 1024B - Virtual size: 878B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wHjZdqa
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CzSxG
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ISaAJr
Size: 512B - Virtual size: 426B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MuPPIZP
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 207KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PdCNXDO
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.odKjZ
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.HxFijzu
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CPVzf
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2185d49a49bb7b59a0a13360c3f963c5

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

ws2_32

ole32

wininet

iassvcs

dpnlobby

Sections

.ZnjXKcl Size: 2KB - Virtual size: 20KB

.SezVYa Size: 512B - Virtual size: 14KB

.text Size: 18KB - Virtual size: 18KB

.NYRXV Size: 1024B - Virtual size: 878B

.wHjZdqa Size: 3KB - Virtual size: 2KB

.CzSxG Size: 512B - Virtual size: 380B

.ISaAJr Size: 512B - Virtual size: 426B

.data Size: 6KB - Virtual size: 25KB

.MuPPIZP Size: 3KB - Virtual size: 2KB

.rdata Size: 207KB - Virtual size: 207KB

.PdCNXDO Size: 2KB - Virtual size: 2KB

.odKjZ Size: 3KB - Virtual size: 2KB

.HxFijzu Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.CPVzf Size: 2KB - Virtual size: 1KB

.ZnjXKcl
Size: 2KB - Virtual size: 20KB

.SezVYa
Size: 512B - Virtual size: 14KB

.text
Size: 18KB - Virtual size: 18KB

.NYRXV
Size: 1024B - Virtual size: 878B

.wHjZdqa
Size: 3KB - Virtual size: 2KB

.CzSxG
Size: 512B - Virtual size: 380B

.ISaAJr
Size: 512B - Virtual size: 426B

.data
Size: 6KB - Virtual size: 25KB

.MuPPIZP
Size: 3KB - Virtual size: 2KB

.rdata
Size: 207KB - Virtual size: 207KB

.PdCNXDO
Size: 2KB - Virtual size: 2KB

.odKjZ
Size: 3KB - Virtual size: 2KB

.HxFijzu
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.CPVzf
Size: 2KB - Virtual size: 1KB