073fdb9010fe2d368ac0e233d76ba30f

Sharing

Copy URL Twitter E-mail

General

Target

073fdb9010fe2d368ac0e233d76ba30f
Size

62KB
MD5

073fdb9010fe2d368ac0e233d76ba30f
SHA1

ea9fa28b5faab631878d4034be941825a17dcbce
SHA256

b9478d17cfde9fb9890d79ba908195f3116dbc75e12fe82c1ea66bd8bb42e115
SHA512

bedb3b2ed5af90bd7b3c1d5daaa3d393a27287164567b19d0f2cf87c4cc4ffa3cdff0b1b6a79e4b9a6d83b1ff55870663de3ac9a392e3712bceb0ca6dfe0ab7c
SSDEEP

768:afgNgTmVQS5sfXTOvIIXaMWXPcAT3YSoAvtFCHJ6grQkgA70PloZK8g:P/sfkJXaMWXhT3YSoiLCHJ5skgdP+Vg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
073fdb9010fe2d368ac0e233d76ba30f

Files

073fdb9010fe2d368ac0e233d76ba30f
.exe windows:4 windows x86 arch:x86

2510db954b6cee650ebad87ea21551ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetSystemDirectoryA
TlsAlloc
HeapAlloc
GetCurrentThreadId
LoadLibraryA
GetShortPathNameA
HeapFree
HeapReAlloc
GetLocaleInfoW
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetLocaleInfoA
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
ExitProcess
TerminateProcess
GetCurrentProcess
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetCurrentDirectoryA
DeleteFileA
MoveFileA
CreateDirectoryA
RemoveDirectoryA
DeleteCriticalSection
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
CreateFileA
GetProcAddress
WriteFile
SetLastError
TlsGetValue
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
RtlUnwind
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
ReadFile
SetHandleCount
GetStdHandle
GetFileType
SetFilePointer
HeapDestroy
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
HeapCreate
VirtualFree
VirtualAlloc
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers

user32

ExitWindowsEx
MessageBoxA
wsprintfA

advapi32

RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

wsock32

bind
send
WSACleanup
WSAStartup
socket
ntohs
listen
accept
setsockopt
recv
closesocket

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2510db954b6cee650ebad87ea21551ab

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wsock32

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 20KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 20KB

.idata
Size: 2KB - Virtual size: 2KB