7342a48df93e3f630757cb876febe3e6

Sharing

Copy URL Twitter E-mail

General

Target

7342a48df93e3f630757cb876febe3e6
Size

156KB
MD5

7342a48df93e3f630757cb876febe3e6
SHA1

50c9b7f3984fa344936bd3d02ef8ddf63bb14d65
SHA256

40604b5d8f95ba8f15c138b8eb5fc12e9c135b124d1f238599db33abe73dd779
SHA512

349b5b19a429556bb20ddd27b01ad2f647cdd63a7899714828880079d3f8f62e8ef9a373e07c9b0c1740ec479c22439ea383b9dc4c68f1831df396800b4dab7f
SSDEEP

3072:Zt0Ay5SXTUycfNzFNwmxOwUcv+B+2L0Xgo66rECMq:UsXIyzm99IErE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7342a48df93e3f630757cb876febe3e6

Files

7342a48df93e3f630757cb876febe3e6
.exe windows:4 windows x86 arch:x86

86fce731971dd367d361d16c82577fea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

bind
getpeername
shutdown
getsockname
connect
accept
closesocket
setsockopt
socket
gethostbyaddr
gethostbyname
sendto

wtsapi32

WTSEnumerateSessionsA
WTSOpenServerA
WTSCloseServer

mpr

WNetGetUniversalNameA
WNetGetUserA
WNetAddConnection2A

netapi32

NetUserGetInfo
NetGetAnyDCName
NetApiBufferFree

setupapi

SetupInstallServicesFromInfSectionA
SetupFindNextLine
SetupFindFirstLineA
SetupRemoveInstallSectionFromDiskSpaceListA
SetupRemoveSectionFromDiskSpaceListA
SetupQueueCopySectionA
SetupOpenLog
SetupCloseLog
SetupInitializeFileLogA
SetupLogFileA
SetupAddInstallSectionToDiskSpaceListA
SetupAddSectionToDiskSpaceListA
SetupFindNextMatchLineA
SetupRemoveFileLogEntryA
SetupTerminateFileLog

oleacc

AccessibleObjectFromEvent
GetStateTextA

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_controlfp
__dllonexit
_onexit
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_initterm
malloc
free
memset

kernel32

PulseEvent
CreateEventA
ResetEvent
GetProfileStringW
SetFileAttributesA
CreateProcessA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 929KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86fce731971dd367d361d16c82577fea

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

wtsapi32

mpr

netapi32

setupapi

oleacc

msvcrt

kernel32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 80KB - Virtual size: 929KB

.idata Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 80KB - Virtual size: 929KB

.idata
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB