3a12e2d59f66efb4e7a3f96c08288707

General

Target

3a12e2d59f66efb4e7a3f96c08288707
Size

79KB
MD5

3a12e2d59f66efb4e7a3f96c08288707
SHA1

b099ff241b6e357444585d97ff9c0ed8901d14fb
SHA256

7919ebd169f363d047b84caaa014e79d6effcd950e1da8845b616ec912785f73
SHA512

e36b6682d00fca86c9e473bcb0f7dde4d2fac27e119c01f8ea67cd49d504c6faeaead48221b2a8aede3445631d9b9ba9c7fc13fbcdd5764528322c51dec270db
SSDEEP

1536:j1d3nd62Nw7wu0dCExLbk704DY3gyFJtnC:j1lhNw0tdCaU7+3gy3tn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a12e2d59f66efb4e7a3f96c08288707

Files

3a12e2d59f66efb4e7a3f96c08288707
.exe windows:4 windows x86 arch:x86

ac4f137a7b06a6377e466b606f2b87a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
GetEnvironmentStringsW
Sleep
CloseHandle
SetStdHandle
GetStringTypeW
GetStringTypeA
SetFilePointer
FlushFileBuffers
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
HeapAlloc
HeapReAlloc
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetLastError
SetConsoleCtrlHandler
HeapFree
VirtualAlloc

wsock32

WSAStartup
socket
htons
bind
ioctlsocket
sendto
WSACleanup

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac4f137a7b06a6377e466b606f2b87a3

Headers

File Characteristics

Imports

kernel32

wsock32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 15KB - Virtual size: 21KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 15KB - Virtual size: 21KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB