f9e8f1108b80e94d95fabb1d3c8c9bb0

Sharing

Copy URL Twitter E-mail

General

Target

f9e8f1108b80e94d95fabb1d3c8c9bb0
Size

44KB
MD5

f9e8f1108b80e94d95fabb1d3c8c9bb0
SHA1

c152bf705aaa5fbfa6a8aab4c6b96930becc992b
SHA256

e73edfb3b024a58a01e8448891c5013b144ecc291a794381dfa0c28a52a20a75
SHA512

749ae26121d8299b14cb2e15fbad8a1fd24f955060b9b618c37741076ffbacb052df34e7199000dc8b9ef55164dc6e66b04b6546df9f5513e32cfacf1cad72bd
SSDEEP

768:Swzt77tQEf8kJFEUkrlDqcihWmOuFY3BRTxVMrh6+ys:NzfP8kAluFhWlDRl6rh6+ys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9e8f1108b80e94d95fabb1d3c8c9bb0

Files

f9e8f1108b80e94d95fabb1d3c8c9bb0
.exe windows:4 windows x86 arch:x86

88ea541c063891071b9660c33df8a5b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
CloseHandle
ReleaseMutex
OpenMutexA
GetTempPathA
lstrlenA
GetSystemDefaultUILanguage
WaitForSingleObject
GetLastError
CreateMutexA
GetModuleHandleA
GetCurrentThreadId
GetWindowsDirectoryA
GetStartupInfoA
TerminateProcess
OutputDebugStringA
ExitThread
GetTickCount
GetVersionExA
lstrcpyA
GlobalMemoryStatusEx
GlobalAlloc
GlobalFree
LoadLibraryA
GetProcAddress
Sleep
CreateThread

user32

GetDesktopWindow
GetMessageA
PostThreadMessageA
GetInputState
wsprintfA

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
StartServiceCtrlDispatcherA
RegOpenKeyExA

ws2_32

recv
send
__WSAFDIsSet
htons
socket
connect
closesocket
select
WSAStartup
htonl
inet_ntoa
setsockopt
gethostbyname
inet_addr
sendto
WSASocketA
WSACleanup
WSAIoctl

iphlpapi

GetIfTable

shlwapi

SHDeleteKeyA

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_strrev
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
srand
realloc
malloc
strlen
__CxxFrameHandler
_CxxThrowException
memcpy
atoi
strncpy
strcspn
memset
strstr
strcpy
sprintf
free
??2@YAPAXI@Z
exit
strcat
strncmp
_except_handler3
??3@YAXPAX@Z
rand

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88ea541c063891071b9660c33df8a5b3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

iphlpapi

shlwapi

msvcrt

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 2KB