5842bb39983e2f6de0b6e47a22d45474

Sharing

Copy URL Twitter E-mail

General

Target

5842bb39983e2f6de0b6e47a22d45474
Size

189KB
MD5

5842bb39983e2f6de0b6e47a22d45474
SHA1

cc9ec49d8814140d3631c511910eb4253bc2de90
SHA256

bdc67dd9c9a444310f8cf5197441cc0cf5f3a3cbecfd11e1f87323d8101f11e1
SHA512

37504d7c5d327c0f85ff9a3a3824c8f40a529c903fd7660fb63c21a4f295ccb0d71ba554c7440bd2bb00bbaefb2b69ed9997b5a411e81bffa81ac90f9d12fe07
SSDEEP

3072:o5FekSLvbAWVw4bJS80ZKuMZUt5e2UFX8HKuNcy3p+INn5QAGKxAiypgsNkZcFBg:UEBLvJVPJwZgB2uX8HKutMIWzKxAiahz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5842bb39983e2f6de0b6e47a22d45474

Files

5842bb39983e2f6de0b6e47a22d45474
.exe windows:5 windows x86 arch:x86

7ce4293e5fad91e230d1a68505506526

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

accept
connect
closesocket
send

kernel32

GetLastError
CreateMutexA
lstrcpyA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCommandLineA
WriteProcessMemory
lstrlenW
GetModuleFileNameW
Sleep
ReadProcessMemory
lstrcmpiA
GetModuleHandleA
IsDebuggerPresent
GetCurrentProcess
ReadConsoleA
AllocConsole
lstrcmpA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
InitializeCriticalSectionAndSpinCount
SetEnvironmentVariableA
CompareStringW
MultiByteToWideChar
CompareStringA
IsValidCodePage
lstrcatA
ExitProcess
GetLocaleInfoA
lstrlenA
GetModuleHandleW
GetStartupInfoA
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
RtlUnwind
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP

user32

SetFocus
IsWindow
RegisterClassExA
DispatchMessageA
DestroyIcon
EnableMenuItem
GetSysColor
UpdateWindow
LoadMenuA
TranslateMessage
GetWindowRect
InsertMenuA
DialogBoxParamA
GetWindowLongA
CallWindowProcA
MessageBoxA

gdi32

SelectObject
DeleteDC
BitBlt
CreateDCA
RealizePalette

comdlg32

ChooseFontA

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ce4293e5fad91e230d1a68505506526

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 95KB - Virtual size: 94KB

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 95KB - Virtual size: 94KB