04d31ee858eac99ba708cddf8e6612bf

Sharing

Copy URL Twitter E-mail

General

Target

04d31ee858eac99ba708cddf8e6612bf
Size

77KB
MD5

04d31ee858eac99ba708cddf8e6612bf
SHA1

288861d5d9a14adcbf780a5f43bb7aeedd19e601
SHA256

c06cd746022068c98989ddc795ef563f4a73ed2e90f4d2ca3986f78bd2bed890
SHA512

3bf2a25879df54f28738765e3f5cf9132af80b0276def27ff5bed7f3cbbb176b929c4a465850184b2c5514a1e9505e4e4a8e1d6821ab0946989481de498d140c
SSDEEP

1536:AwgHHNLks7YFKdeosXXHc7YbeXZCrf1hg:oHHNLks4GtsXX87DUrNhg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04d31ee858eac99ba708cddf8e6612bf

Files

04d31ee858eac99ba708cddf8e6612bf
.exe windows:4 windows x86 arch:x86

17e0ec5531c844b32b65423a2f5c844f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CreateFileMappingA
GetLocalTime
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
GlobalMemoryStatus
IsBadWritePtr
lstrlenA
lstrcpyA
GetCurrentThread
GetLastError
GetThreadPriority
GetSystemDirectoryA
CreateFileA
GetWindowsDirectoryA
GetComputerNameA
GetVersionExA
HeapReAlloc
HeapAlloc
HeapFree
GetEnvironmentStringsW
GetEnvironmentStrings
CreateDirectoryA
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
LCMapStringA
WideCharToMultiByte
LCMapStringW
VirtualAlloc
VirtualFree
MultiByteToWideChar
HeapDestroy
WriteFile
CompareStringW
CompareStringA
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetTimeZoneInformation
FlushFileBuffers
SetStdHandle
RtlUnwind
SetEnvironmentVariableA
WinExec
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetModuleHandleA
HeapCreate
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
CloseHandle
GetVersion
GetStartupInfoA
GetCommandLineA
GetCurrentProcess
SetFilePointer
ReadFile
ExitProcess
TerminateProcess

user32

RegisterClassA
PostQuitMessage
SetTimer
TranslateMessage
CreateWindowExA
DispatchMessageA
GetMessageA
DefWindowProcA
GetParent
GetDesktopWindow
EnumChildWindows
KillTimer
GetClassNameA
GetWindowLongA
SendMessageA

advapi32

RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
GetUserNameA
RegQueryValueExA

wsock32

send
WSAStartup
WSAIsBlocking
WSACancelBlockingCall
WSACleanup
getservbyname
htons
connect
ioctlsocket
gethostbyname
select
closesocket
recv
WSAGetLastError
inet_ntoa
inet_addr
socket

Sections

.text
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

17e0ec5531c844b32b65423a2f5c844f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

Sections

.text Size: 51KB - Virtual size: 52KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 15KB - Virtual size: 268KB

.idata Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.text
Size: 51KB - Virtual size: 52KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 15KB - Virtual size: 268KB

.idata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB