42d73c42c23ca0f840c804ce2f295f0c

Sharing

Copy URL Twitter E-mail

General

Target

42d73c42c23ca0f840c804ce2f295f0c
Size

452KB
MD5

42d73c42c23ca0f840c804ce2f295f0c
SHA1

cf7a79c305bf5502e71b618411a7d9f7aab024ad
SHA256

e7f069ccbcb89cc6a849b7d2c2a37a3331b002671527af661402bdd2e3622a45
SHA512

ebe0b935886860d1e691706ecf077c9ac2de12e8bd1e404f13c4bd7586e042735dd9a49ac740dbe374235c572cb338f25fad29b49f811694422c21bcd744ff4c
SSDEEP

6144:cgLgZbycRq+5fOZaTg/OQbQRibWazKmaIHXyFnAIHOU4wLZfWmtLSRhAGhyLCPZ1:cgLgZb67arQEeKmDHonAK414edhy+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d73c42c23ca0f840c804ce2f295f0c

Files

42d73c42c23ca0f840c804ce2f295f0c
.exe windows:4 windows x86 arch:x86

ab688a022ccf6814ebb555ad6b435e10

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htons
closesocket
getsockopt
bind
socket
WSAStartup
setsockopt
connect
htonl
inet_addr
gethostbyname
WSACleanup
WSASetLastError
send
recv
WSAGetLastError

netapi32

Netbios

kernel32

IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
LoadLibraryA
SetUnhandledExceptionFilter
LCMapStringW
RaiseException
InitializeCriticalSection
DeleteCriticalSection
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrlenW
GetModuleHandleA
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
GetLastError
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
lstrcatA
lstrcpyA
LockResource
FindResourceExA
WaitForSingleObject
FreeResource
FindClose
FindFirstFileA
SetFilePointer
CreateFileA
CloseHandle
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
CreateDirectoryA
GetFileAttributesA
GetCurrentDirectoryA
SetFileTime
WriteFile
LocalFree
FormatMessageA
LCMapStringA
TlsGetValue
TlsSetValue
TlsFree
SetLastError
TlsAlloc
GetCPInfo
GetStdHandle
GetOEMCP
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
TerminateProcess
GetProcAddress
IsBadWritePtr
VirtualFree
HeapCreate
GetCommandLineA
GetStartupInfoA
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
ExitProcess
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
GetEnvironmentStringsW
SetHandleCount
GetFileType

user32

GetSystemMetrics
LoadImageA
GetActiveWindow
DialogBoxParamA
PostQuitMessage
IsWindow
IsDialogMessageA
MessageBoxA
wsprintfA
SetWindowTextA
SendMessageA
CharNextA
DefWindowProcA
CreateDialogParamA
DestroyWindow
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
SetWindowLongA
UnregisterClassA
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
SetWindowPos
GetParent
GetWindowLongA
EndDialog
GetDlgItem
GetWindow

advapi32

RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegCloseKey
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetFolderPathA

ole32

CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ab688a022ccf6814ebb555ad6b435e10

Headers

File Characteristics

Imports

ws2_32

netapi32

kernel32

user32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 344KB - Virtual size: 360KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 344KB - Virtual size: 360KB