59b0a3038852923284f4d47366b78a43

Sharing

Copy URL Twitter E-mail

General

Target

59b0a3038852923284f4d47366b78a43
Size

310KB
MD5

59b0a3038852923284f4d47366b78a43
SHA1

beff5a1e684e35ec0255dcd0899e2c719b446886
SHA256

bd1e0322237dcb1327acf0e256fd50051bea0dd33032a9822f4a9a221e20ef75
SHA512

74d81ed82b9f5d5bd57cd563d212ddb2182f281fecbb388a57d9c13297ed57f134cf4d097d2ffd9ef1416285c8cccae22254552b337b9e0b9c6f02bf3f366315
SSDEEP

6144:I8lyRkgGrYzIi7IWfD05l8jdLRsVORkgqZzCcpZDf2dhGo03BSmfzCP7H:flyjtvD05luIYjgCG5HSQzCP7

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RemoteWebcam/cliente/Remote Webcam.exe
unpack001/RemoteWebcam/server/oranxlander.exe

Files

59b0a3038852923284f4d47366b78a43
.zip
RemoteWebcam/cliente/Remote Webcam.exe
.exe windows:4 windows x86 arch:x86

678986d7fe8eb1ebce8a0b924f59474d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
VirtualFree
lstrcpyA
ExitProcess
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteFile
lstrlenA
VirtualAlloc
ReadFile
CreateFileA
GetModuleFileNameA
GetLastError
CreateMutexA

user32

SetCursor
LoadCursorA
wsprintfA
MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RemoteWebcam/server/oranxlander.exe
.exe windows:4 windows x86 arch:x86

678986d7fe8eb1ebce8a0b924f59474d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
VirtualFree
lstrcpyA
ExitProcess
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WriteFile
lstrlenA
VirtualAlloc
ReadFile
CreateFileA
GetModuleFileNameA
GetLastError
CreateMutexA

user32

SetCursor
LoadCursorA
wsprintfA
MessageBoxA

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 574B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msn hack.url
readme.reg
www.HackearMsn.Net.url

Sharing

General

Malware Config

Signatures

Files

678986d7fe8eb1ebce8a0b924f59474d

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 512B - Virtual size: 32B

.data Size: 512B - Virtual size: 9KB

.idata Size: 1024B - Virtual size: 574B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 896B

678986d7fe8eb1ebce8a0b924f59474d

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 512B - Virtual size: 32B

.data Size: 512B - Virtual size: 9KB

.idata Size: 1024B - Virtual size: 574B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 896B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 512B - Virtual size: 9KB

.idata
Size: 1024B - Virtual size: 574B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 896B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 512B - Virtual size: 32B

.data
Size: 512B - Virtual size: 9KB

.idata
Size: 1024B - Virtual size: 574B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 896B