7d064a15b6e9708c5766f0754b334acc

Sharing

Copy URL Twitter E-mail

General

Target

7d064a15b6e9708c5766f0754b334acc
Size

212KB
MD5

7d064a15b6e9708c5766f0754b334acc
SHA1

e4309f13df5164e1526baa7622f996e0ea5b994b
SHA256

75f1e8b53acbfb0decafd9b10fc27edfed8f710d3205007680f1d8cece07a5c9
SHA512

24129794af673df3779fe90bec3ea04bfaa0b836b648cc8aa4dc59dade511f555e2101096beddcc73a5fdd967fab1cbf9d020108b989ab6521abd825fd2a3d54
SSDEEP

3072:PlCsYNrrYpJaL7OqnVT6lALLoGFqF6JpDvpochu:PxYNrrYpJa+uVT6lALcGF9F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d064a15b6e9708c5766f0754b334acc

Files

7d064a15b6e9708c5766f0754b334acc
.exe windows:4 windows x86 arch:x86

245eb851b8b5e5735d36642cf59bded3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetPrivateProfileStringA
Sleep
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
LoadResource
MultiByteToWideChar
IsBadCodePtr
SetUnhandledExceptionFilter
SetConsoleCtrlHandler
VirtualAlloc
GetLastError
HeapReAlloc
HeapAlloc
VirtualFree
HeapFree
HeapCreate
SizeofResource
DeleteFileA
SetFilePointer
GetFileSize
WriteFile
ReadFile
CloseHandle
GetStringTypeA
CreateFileA
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
FlushFileBuffers
TerminateProcess
GetModuleFileNameA
InterlockedIncrement
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
IsBadWritePtr
IsBadReadPtr
HeapValidate
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA

user32

TranslateAcceleratorA
GetMessageA
LoadStringA
RegisterClassExA
LoadCursorA
DispatchMessageA
CreateWindowExA
PostQuitMessage
EndPaint
DrawTextA
GetClientRect
LoadIconA
DialogBoxParamA
EndDialog
BeginPaint
DestroyWindow
DefWindowProcA
TranslateMessage

advapi32

RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegEnumKeyA

shell32

ShellExecuteA

ws2_32

WSACleanup
WSAStartup
inet_ntoa
gethostbyname
inet_addr
closesocket
recv
send
connect
htons
socket

iphlpapi

SendARP

Sections

.text
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

245eb851b8b5e5735d36642cf59bded3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

iphlpapi

Sections

.text Size: 164KB - Virtual size: 160KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 16KB - Virtual size: 22KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 160KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 16KB - Virtual size: 22KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 4KB