1cda30180d5ee52b66011dcfe27d20b6

Sharing

Copy URL Twitter E-mail

General

Target

1cda30180d5ee52b66011dcfe27d20b6
Size

20KB
MD5

1cda30180d5ee52b66011dcfe27d20b6
SHA1

25955ccba8b0ecc0f00c68e18fa1a3c2b571919f
SHA256

e17383b015e3be8138d78ee52d8cc1606f3d333bb80686b17eee52bb2b24b0c9
SHA512

ac14fc41f85232726a3b9d419ca0db60717b25083cd192ebca18ebb5301214efc311bf319611961df21e63984a53ab7eadcd01301d166f8154df7fab988f41a7
SSDEEP

384:xlI05A44xBjsHdVnJ9hGk8x8FWFauCBIG0WBo+:xlv5AhBjsHXJjGk8x8AvG0W7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1cda30180d5ee52b66011dcfe27d20b6

Files

1cda30180d5ee52b66011dcfe27d20b6
.exe windows:4 windows x86 arch:x86

30a837987a8ba0e837962d7731d9d6f7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
CloseHandle
CreatePipe
CreateProcessA
CreateThread
ExitProcess
FindAtomA
GetAtomNameA
GetExitCodeProcess
GetModuleHandleA
GetStartupInfoA
GetSystemDirectoryA
LoadLibraryA
ReadFile
SetCurrentDirectoryA
SetUnhandledExceptionFilter
WriteFile

msvcrt

_close
__getmainargs
__p___argv
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
atoi
exit
fclose
fflush
fopen
fprintf
fputc
fread
free
getenv
malloc
memcpy
memset
printf
puts
signal
sprintf
strchr
strlen
strncmp
strncpy
vfprintf

user32

CallNextHookEx
DispatchMessageA
GetKeyNameTextA
GetMessageA
SetWindowsHookExA
TranslateMessage
UnhookWindowsHookEx

ws2_32

WSASocketA
WSAStartup
accept
bind
closesocket
connect
gethostbyname
htonl
htons
inet_ntoa
listen
ntohs
recv
send
shutdown
socket

Exports

Exports

KeyEvent@12

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 368B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 74B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30a837987a8ba0e837962d7731d9d6f7

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

ws2_32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 96B

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 368B

.edata Size: 512B - Virtual size: 74B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 676B

.reloc Size: 1024B - Virtual size: 764B

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 96B

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 368B

.edata
Size: 512B - Virtual size: 74B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 676B

.reloc
Size: 1024B - Virtual size: 764B