1aec7aebd916c3862131af0f7fe46da2

Sharing

Copy URL Twitter E-mail

General

Target

1aec7aebd916c3862131af0f7fe46da2
Size

128KB
MD5

1aec7aebd916c3862131af0f7fe46da2
SHA1

d28e8f70e08ec646911a0cf80588be14b34f096e
SHA256

bdcbf53b0892a56c62c0a097c650c13b0f9704b8968f5fe77d2a674204f05417
SHA512

6f8f22731c8e285e5a07732892bc822bb0015b8ab6dd74fcd8f2128fceb9b4e0176855d18e1e3c9cd60c3dfc877759c2c577b5ff8b748f7144591cbea7903dca
SSDEEP

1536:JcpV7h8KeHlvf8Txxl4HomNGGuNlWRWaY5H9zheZVa6kVnPlgEbtw:epV7h8K58ONiWJdeZUbnPltbtw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aec7aebd916c3862131af0f7fe46da2

Files

1aec7aebd916c3862131af0f7fe46da2
.exe windows:4 windows x86 arch:x86

a4ff8fb3eb81b04a10c3f034b4c9698d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

select
ntohs
sendto
gethostbyname
getsockname
inet_addr
WSAStartup
inet_ntoa
closesocket
htons
recv
connect
send
socket

shell32

ShellExecuteA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegEnumKeyA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

user32

CharUpperA
CharUpperBuffA
wsprintfA
CharLowerA
wvsprintfA

kernel32

SetStdHandle
GetLocaleInfoA
WriteConsoleA
GetStringTypeW
GetStringTypeA
HeapReAlloc
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
GetProcAddress
VirtualAlloc
GetConsoleMode
GetConsoleCP
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
Sleep
DeleteFileA
GetTickCount
SetFileAttributesA
WriteFile
GetTempPathA
SetEvent
CloseHandle
CreateFileA
GetModuleFileNameA
WaitForSingleObject
CreateMutexA
GetSystemDirectoryA
CopyFileA
SetErrorMode
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
CreateEventA
ReadFile
lstrcatA
lstrcpyA
lstrlenA
GlobalFree
GetFileSize
GetTempFileNameA
GlobalAlloc
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetEnvironmentVariableA
GetCurrentThread
lstrcpynA
SetThreadPriority
GetWindowsDirectoryA
FindClose
FindNextFileA
lstrcmpA
GetDriveTypeA
FindFirstFileA
WideCharToMultiByte
GetTimeZoneInformation
GetModuleHandleA
GetLocalTime
LoadLibraryA
CreateThread
ExitThread
HeapAlloc
GetProcessHeap
InterlockedIncrement
InterlockedDecrement
HeapFree
lstrcmpiA
GetSystemTime
SetFilePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetCurrentThreadId
GetLastError
GetCommandLineA
GetVersionExA
GetStartupInfoA
RaiseException
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStdHandle
HeapSize
LCMapStringA
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

Sections

.text
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4ff8fb3eb81b04a10c3f034b4c9698d

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

wininet

user32

kernel32

Sections

.text Size: 92KB - Virtual size: 89KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 8KB - Virtual size: 13KB

.text
Size: 92KB - Virtual size: 89KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 8KB - Virtual size: 13KB