1252de21b31e18830bee686bcf96d859

General

Target

1252de21b31e18830bee686bcf96d859
Size

62KB
MD5

1252de21b31e18830bee686bcf96d859
SHA1

686677423c4b92c4dd14964dcfa019a56409dbbb
SHA256

f95f2d10c8d9c41bdf088c8208d2648ff6ced71779f5ded2a43f9bbdf793b68d
SHA512

9aeabf69b6169af93a52627f412c80d7b3f6c8596a22b321950254a209dbc6e23802b8a1d513f1eede379611686fd48d0e9d64a02c25992c6ea3d30e070059d4
SSDEEP

768:BmTeCzRA6ZPsQoUesxN9fCQriHM8Qpoe8JKWwxVSa61gJiGZyMKGX3eIG55a3ITC:BKBA8TxNpC8oe8JLgUzciGxU5fgzJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1252de21b31e18830bee686bcf96d859

Files

1252de21b31e18830bee686bcf96d859
.exe windows:4 windows x86 arch:x86

6d493041697ebf71f17a21370062fe9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
RemoveDirectoryA
CreateDirectoryA
DeleteFileA
GetLastError
ReadFile
SetLastError
FlushFileBuffers
WriteFile
CloseHandle
CreateFileA
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
LCMapStringW
LCMapStringA
SetFilePointer
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetStdHandle

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx

ws2_32

WSAStartup
socket
WSAGetLastError
ioctlsocket
listen
ntohs
htons
bind
getsockname
accept
send
recv
closesocket

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zck7li.e
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iw7iwhj8
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d493041697ebf71f17a21370062fe9f

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 16KB

zck7li.e Size: 16KB - Virtual size: 20KB

iw7iwhj8 Size: 4KB - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 16KB

zck7li.e
Size: 16KB - Virtual size: 20KB

iw7iwhj8
Size: 4KB - Virtual size: 4KB