4256f9c5f687bd8a5f510e784e205e14

Sharing

Copy URL Twitter E-mail

General

Target

4256f9c5f687bd8a5f510e784e205e14
Size

160KB
MD5

4256f9c5f687bd8a5f510e784e205e14
SHA1

3f5da94e8ecb980a8831dbe66f8eb77c690884bd
SHA256

c25cb59524cea5eb63f955c1eee972058c037ea79abed9f1e7607c9c9e1df482
SHA512

8479afcb85ba1cb9dd21161d745f9344e61391d1a6c70b088db8975dd74b20836c03dd03803ef3ed4915a9fe34c741f9be530dfbe319c66985530023b9cd8b9d
SSDEEP

3072:7/GvH4FmAwml7F00Xfpsko1IVYsOlvNOvteD8oEboHNQbZ6u:LGvml7F00vpsztsqvSQwtC2N6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4256f9c5f687bd8a5f510e784e205e14

Files

4256f9c5f687bd8a5f510e784e205e14
.exe windows:4 windows x86 arch:x86

d4399b87b019905817e0ff4eae99b286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

getsockname
inet_addr
accept
listen
bind
WSACleanup
gethostname
getpeername
__WSAFDIsSet
shutdown
closesocket
socket
htons
htonl
connect
sendto
select
recvfrom
inet_ntoa
getsockopt
WSAGetLastError
WSAStartup
recv
send
ioctlsocket
gethostbyname

kernel32

LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetFileType
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetLocalTime
GetTickCount
ReadFile
GetFileSize
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
GetModuleFileNameA
CopyFileA
TerminateThread
GetCurrentProcessId
ExitProcess
GetSystemDefaultLangID
GetComputerNameA
SetThreadPriority
GetThreadPriority
GetCurrentThread
SetPriorityClass
GetPriorityClass
GetCurrentProcess
QueryPerformanceCounter
QueryPerformanceFrequency
CreateProcessA
GetLastError
CreateMutexA
ReleaseMutex
WriteFile
ExpandEnvironmentStringsA
GetShortPathNameA
GetTempPathA
GetSystemDirectoryA
GetLocaleInfoA
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
CreateFileA
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA

user32

GetDC
CharToOemA
ReleaseDC

gdi32

GetDeviceCaps

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
GetUserNameA

wininet

InternetReadFile
InternetGetConnectedState
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA

winmm

timeSetEvent
timeBeginPeriod
timeKillEvent
timeEndPeriod

mpr

WNetOpenEnumA
WNetAddConnection2A
WNetCancelConnectionA
WNetEnumResourceA
WNetCloseEnum

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4399b87b019905817e0ff4eae99b286

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

advapi32

wininet

winmm

mpr

Sections

.text Size: 96KB - Virtual size: 94KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 32KB - Virtual size: 121KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 232B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 96KB - Virtual size: 94KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 32KB - Virtual size: 121KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 232B

.reloc
Size: 12KB - Virtual size: 8KB