20b6279beac630c75cdb4bc50d69e044

General

Target

20b6279beac630c75cdb4bc50d69e044
Size

73KB
MD5

20b6279beac630c75cdb4bc50d69e044
SHA1

3d298e367a4173bf4c3afefb7a381005290bf3f1
SHA256

cb8cdf3c51f473b233bf2da8b2cbe92972c8dcd829d7352fe4642980106a06be
SHA512

0ee4f14ce2ad40b238a2a2e75f5d8795157f13cc513fb1b4762254462fd75a87f29e1217390b40c7f50e46589934982fa9107a510ebd5f960afd93536fb4a7a3
SSDEEP

768:yN4ectvEcNDBLiZldxQRthTIg62IXnIq5CJ/Q1DjTDViu0l:yeRNulXQ1ImSCJ/Qtpel

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20b6279beac630c75cdb4bc50d69e044

Files

20b6279beac630c75cdb4bc50d69e044
.exe windows:4 windows x86 arch:x86

5a3c9a99caf6b1e21a6dba9e08cdaa4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
CloseHandle
DeviceIoControl
CreateFileA
GetLastError
SetPriorityClass
GetCurrentProcess
ExitProcess
ReleaseMutex
CreateMutexA
WriteFile
SetFilePointer
Sleep
lstrlenW
GetLocalTime
lstrcmpiA
CreateThread
GetComputerNameA
GetCurrentThreadId
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
HeapSize
TerminateProcess
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
LCMapStringW
LCMapStringA
FlushFileBuffers
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
RaiseException
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapFree
RtlUnwind
HeapAlloc

user32

SendMessageA
EnumChildWindows
GetCursorPos
GetWindow
wsprintfA
MessageBoxA
PostMessageA
GetClassNameA
WindowFromPoint
GetWindowTextA
SendMessageTimeoutA
GetForegroundWindow
GetTopWindow
GetInputState
PostThreadMessageA
GetMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow
RegisterWindowMessageA

ole32

CoInitialize

oleaut32

SysFreeString
VariantClear

iphlpapi

GetAdaptersInfo

ws2_32

WSACleanup
recv
send
closesocket
connect
inet_addr
htons
socket
WSAStartup

shlwapi

StrStrIA

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5a3c9a99caf6b1e21a6dba9e08cdaa4b

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

iphlpapi

ws2_32

shlwapi

Sections

.text Size: 72KB - Virtual size: 72KB

.text
Size: 72KB - Virtual size: 72KB