47d3f0cf86bccd3db7036c16b662c11c

Sharing

Copy URL Twitter E-mail

General

Target

47d3f0cf86bccd3db7036c16b662c11c
Size

75KB
MD5

47d3f0cf86bccd3db7036c16b662c11c
SHA1

0c21f8d30cbe1c1413381f25b973889b232fa255
SHA256

34e1dd85adcd7d657c1c32aed1f2a46660ed0c022cb5370ac4ebd800ecc1bd2c
SHA512

974a241a9878f201026eafe026227008180f952b16497d284538890029cdec05908ffebc65b512aa1c52b31bcc9cc0332f42ee7ceae8057088929b2809d1d4f2
SSDEEP

1536:SsvnpOn1tdcTtkGYrfgllDdQ0i0PbmQLpAlAmRT5rg:SsvO1td3NMc0NTAT5rg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47d3f0cf86bccd3db7036c16b662c11c

Files

47d3f0cf86bccd3db7036c16b662c11c
.exe windows:5 windows x86 arch:x86

d194a2f27edfcd511b49db609ec33938

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

__WSAFDIsSet
select
recv
send
listen
getsockname
recvfrom
accept
WSASetLastError
socket
setsockopt
bind
connect
htons
getservbyport
ntohs
getservbyname
ioctlsocket
gethostbyname
inet_addr
gethostbyaddr
closesocket
WSAGetLastError
WSAStartup
WSACleanup

kernel32

TlsSetValue
SetEndOfFile
GetNumberOfConsoleInputEvents
PeekConsoleInputA
DuplicateHandle
CreateFileA
CloseHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ReadFile
GetLocaleInfoA
HeapSize
SetFilePointer
WriteConsoleW
GetConsoleOutputCP
GetStdHandle
FreeConsole
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
RtlUnwind
HeapAlloc
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
DeleteCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
GetLastError
HeapFree
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsGetValue
TlsAlloc
GetProcessHeap
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
SetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CompareStringA
MultiByteToWideChar
CompareStringW
SetEnvironmentVariableA
WriteConsoleA

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d194a2f27edfcd511b49db609ec33938

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

kernel32

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 436B