479dde39da07310dd6ac85966924a9da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

479dde39da07310dd6ac85966924a9da
Size

60KB
MD5

479dde39da07310dd6ac85966924a9da
SHA1

215d1a71366391b471e5f599706bff119a3f746d
SHA256

55d562a6680a6f95f4415ffbf6d00dcb247bbbfca91dcddcaa10d1831046de15
SHA512

e4741344fb340439bf976a8889149086caef2686b3a4a8c02126d798dada242ea833d0c91722d10a338844c6e18f2c91459c314596915483407ca99841b717bc
SSDEEP

768:zpK3zR6nQ2mQeLRKmft92emVSMvyqye/i92G0:9kzGSL3t92esqqy01G0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
479dde39da07310dd6ac85966924a9da

Files

479dde39da07310dd6ac85966924a9da
.exe windows:4 windows x86 arch:x86

26875ba283c2dcb6f82adc878d564343

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA

msvcrt

_controlfp
_onexit
_strupr
_stricmp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
time
srand
atoi
rand
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf
isspace
strchr
__dllonexit
_strnicmp

wininet

InternetQueryOptionA
InternetSetOptionA

ws2_32

WSACleanup
gethostbyname
gethostname
WSAStartup
inet_ntoa

advapi32

GetUserNameA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

Sleep
GetVersionExA
GetLastError
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteFileA
WriteFile
CloseHandle
GetModuleHandleA
CreateFileA
GetSystemDirectoryA
CreateProcessA
PeekNamedPipe
ReadFile
GetFileSize
GetTempPathA
SetFilePointer

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ