58ae33cbabd983ac7b94c879085f310c

Sharing

Copy URL

Twitter E-mail

General

Target

58ae33cbabd983ac7b94c879085f310c
Size

308KB
MD5

58ae33cbabd983ac7b94c879085f310c
SHA1

174788a6731ee9f254818c1c2bad9ec414c5c341
SHA256

e43b35d4b575708a3ebc1b183a8040f6311d1881b7b736bfb1e0f5e05905d49f
SHA512

09d069d35c41046414ab7cad063f9a13b4f07114b87feb9b182a2c4b93d6376b8b3f560ff156d1bf159800ac4ec7fbf07185e024397bb90ffdd85db97e4948aa
SSDEEP

6144:WaUXwC2dPLiBNh0z2ZzCfnTvdEc6kyF4WWwHbtY4vCGGvY:WaRPo62ZMhEuWWw64vU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58ae33cbabd983ac7b94c879085f310c

Files

58ae33cbabd983ac7b94c879085f310c
.exe windows:4 windows x86 arch:x86

8498560fcf590c79a3def44321b86531

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_iob
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
sprintf
isdigit
calloc
printf
perror
_errno
__CxxFrameHandler
strerror
fflush
wcstombs
mbstowcs
wcscpy
memchr
_except_handler3
fprintf
strcat
toupper
sscanf
fputc
wcscat
strtok
_ftol
_memccpy
__p__commode
rand
srand
fwrite
fseek
ftell
malloc
free
exit
strncmp
atof
strchr
strncat
memcmp
system
atoi
strcpy
fgets
fopen
fread
strcmp
fclose
memmove
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
_CxxThrowException
??0exception@@QAE@ABV0@@Z
_vsnprintf
strlen
strncpy
memcpy
memset
strstr
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
__p__fmode
__set_app_type
_controlfp
_stricmp
_strdup

msvcp60

?_Xran@std@@YAXXZ
?_Xlen@std@@YAXXZ

kernel32

GetStartupInfoA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
TransactNamedPipe
FindFirstFileA
FindNextFileA
FindClose
GetCurrentThread
GetCurrentProcess
CreateEventA
MoveFileA
CreateDirectoryA
RemoveDirectoryA
GetTempPathA
MultiByteToWideChar
GetLastError
CopyFileA
GetModuleFileNameA
OpenProcess
GetModuleHandleA
CreateThread
TerminateThread
FreeConsole
AllocConsole
GetStdHandle
CreateNamedPipeA
WaitNamedPipeA
TerminateProcess
GlobalMemoryStatus
GetVersionExA
GetComputerNameA
ExpandEnvironmentStringsA
CreateProcessA
GetSystemDirectoryA
ExitProcess
GetTickCount
Sleep
ReadFile
SetFilePointer
CloseHandle
GetFileSize
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GlobalFree
WriteFile
GlobalAlloc
DeleteFileA

user32

ExitWindowsEx
wsprintfA
ReleaseDC

advapi32

StartServiceCtrlDispatcherA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
GetUserNameA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
DeleteService
ControlService
EnumServicesStatusA
RegQueryValueExA
OpenThreadToken
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
ChangeServiceConfig2A
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceA
OpenServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegDeleteValueA

shell32

ShellExecuteA

ws2_32

WSAStartup
socket
htons
bind
listen
gethostbyname
WSACleanup
ntohl
select
__WSAFDIsSet
WSAGetLastError
connect
closesocket
accept
shutdown
recvfrom
getsockopt
WSASocketA
setsockopt
htonl
sendto
send
recv
inet_addr
gethostname
WSAIoctl
gethostbyaddr
inet_ntoa
ioctlsocket
ntohs
getpeername
getsockname

netapi32

NetRemoteTOD
NetScheduleJobAdd
NetUserEnum
NetShareEnum
NetApiBufferFree
NetUseDel
NetUseAdd

mpr

WNetAddConnection2A
WNetCancelConnection2W
WNetCancelConnection2A
WNetAddConnection2W

psapi

GetModuleBaseNameA
EnumProcessModules
EnumProcesses

dnsapi

DnsQuery_A

odbc32

ord75
ord41
ord24
ord9
ord31
ord11

gdi32

BitBlt
GetDIBits
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
GetDeviceCaps
CreateDCA

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uwreqqt
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8498560fcf590c79a3def44321b86531

Headers

File Characteristics

Imports

msvcrt

msvcp60

kernel32

user32

advapi32

shell32

ws2_32

netapi32

mpr

psapi

dnsapi

odbc32

gdi32

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 56KB - Virtual size: 71KB

.uwreqqt Size: 16KB - Virtual size: 16KB

Size: 12KB - Virtual size: 9KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 56KB - Virtual size: 71KB

.uwreqqt
Size: 16KB - Virtual size: 16KB