251ec9c69395e36db84ac2895668d615

Sharing

Copy URL Twitter E-mail

General

Target

251ec9c69395e36db84ac2895668d615
Size

92KB
MD5

251ec9c69395e36db84ac2895668d615
SHA1

145b430f42bfbd3e794e445ae222606de8a357aa
SHA256

cb5cdd61ed98f92df98391384ddf5376df2d6958e3a0ac20e51866a765337a34
SHA512

fae72d6380addf8cc96179398191e5aba89ad37f88ceb3c18c74edb3c2838fe9f03871f11f20b6dd3b0000585749209f1fe9f5dc375a9e5e24f2ab14fc3b6b50
SSDEEP

1536:VHhwlLA3+pXeAKfeXC6ryBhhF8HILJPIBZcYmcE:JmZAIXoF8gJcZc9cE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
251ec9c69395e36db84ac2895668d615

Files

251ec9c69395e36db84ac2895668d615
.exe windows:4 windows x86 arch:x86

8e5ddc541b6fe762a219777941b80d0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

recv
closesocket
setsockopt
send
recvfrom
sendto
WSAStartup
socket
WSACleanup
gethostname
gethostbyname
bind
inet_ntoa
ioctlsocket
listen
accept

kernel32

OpenProcess
GetCurrentProcessId
Sleep
GetCurrentProcess
GetVersionExA
GetProcAddress
GetModuleHandleA
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
FileTimeToLocalFileTime
CompareFileTime
SystemTimeToFileTime
GetSystemTime
FreeLibrary
LoadLibraryA
SetLastError
lstrlenA
OpenEventA
WriteProcessMemory
GetModuleFileNameA
WaitForSingleObject
SetEvent
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
TerminateProcess
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
WriteFile
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
UnhandledExceptionFilter
ExitProcess
TlsAlloc
TlsFree
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
GetCommandLineA
GetStartupInfoA
HeapAlloc
CloseHandle
GetCurrentThreadId
SetEnvironmentVariableA
GetCurrentThread
SetThreadPriority
GetComputerNameA
GetTimeZoneInformation
SetFilePointer
InitializeCriticalSection
RtlUnwind
QueryPerformanceCounter
GetTickCount
SetStdHandle
HeapSize
FlushFileBuffers
CompareStringA
CompareStringW
GetFileType
HeapFree
CreateThread
GetLastError
TlsGetValue
TlsSetValue
ExitThread
GetSystemTimeAsFileTime

user32

CreateWindowExA
GetWindowThreadProcessId
EnumDisplaySettingsA
ChangeDisplaySettingsA
GetDC
GetCursorPos
ReleaseDC
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterClassExA
PostQuitMessage
LoadIconA
wsprintfA
GetSystemMetrics
mouse_event
PostMessageA
ExitWindowsEx
EnumWindows
keybd_event
GetClassNameA
DestroyWindow
PostThreadMessageA
DialogBoxParamA
MessageBoxA
DefWindowProcA
EndDialog
ShowWindow

gdi32

GetDeviceCaps
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetDIBits
CreateDIBSection
GetRegionData
BitBlt
DeleteDC
DeleteObject
SelectObject

advapi32

RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetUserNameA

shell32

Shell_NotifyIconA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e5ddc541b6fe762a219777941b80d0b

Headers

File Characteristics

Imports

wsock32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 71KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 71KB

.rsrc
Size: 8KB - Virtual size: 5KB