f958ce0e8a5a4e737fb54b765d561d5a

General

Target

f958ce0e8a5a4e737fb54b765d561d5a
Size

12KB
MD5

f958ce0e8a5a4e737fb54b765d561d5a
SHA1

bde020ba8d0e98269d6ce48cec8cc01bbf5f49db
SHA256

c4ef743c9ccfd621e7d20a58b53d67132e58c6d038359718fe93eeb994729e1f
SHA512

fa4a0c789b867a095bf57d7002118426da6b12a290356d3edb7585ccc7754c23bb7f06ee3b9280e74d56e0d9568a36b3cb13e6cabdc7515ec1b015c2e6128efb
SSDEEP

384:8C3mejlHxLEqnY2OGD2LwxdT9D11yFtow:njVnvBD2+dVy4w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f958ce0e8a5a4e737fb54b765d561d5a

Files

f958ce0e8a5a4e737fb54b765d561d5a
.exe windows:4 windows x86 arch:x86

162ed833c2b913ff294947782ad6fed9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetVersionExA
GetComputerNameA
DeleteFileA
GetFileAttributesA
GetTempPathA
GetProcAddress
LoadLibraryA
GetTickCount
Process32First
Sleep
SetPriorityClass
OpenProcess
GetCurrentProcessId
GetLastError
CreateMutexA
GetCurrentThreadId
lstrcmpiA
GetStartupInfoA
GetModuleHandleA
Process32Next
ExitProcess
CloseHandle

user32

GetInputState
wsprintfA
PostThreadMessageA
GetMessageA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA

ws2_32

WSACleanup
WSAStartup

netapi32

Netbios

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

_mkdir
_controlfp
??1type_info@@UAE@XZ
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_strrev
_initterm
__getmainargs
_acmdln
exit
sprintf
strcpy
memset
strlen
??2@YAPAXI@Z
fclose
strstr
sscanf
fscanf
fopen
strcat
strchr
__CxxFrameHandler
memcpy
memmove
memcmp
free
??0exception@@QAE@ABV0@@Z
_CxxThrowException
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
__dllonexit
_onexit
_exit
_XcptFilter

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

162ed833c2b913ff294947782ad6fed9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

netapi32

wininet

msvcrt

Sections

.text Size: 10KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 896B

.text
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 896B