0513114b82b11d1a34e9de012d5e5439

General

Target

0513114b82b11d1a34e9de012d5e5439
Size

18KB
MD5

0513114b82b11d1a34e9de012d5e5439
SHA1

fdc3d1c436387a5a5fd1952df40d914925b76471
SHA256

d717e701553e13af2eb7f4c6dfaf461a011bc467cc3f35c04b47d119bdcab99e
SHA512

4c1d0202ebeef483bd60ff64342f521c969bcc4234d94ae8c2582e84d9da4877f3e0e5d9e258eebe74fbb9c89dc6a02d8c3c4050cfd9b90bc614b3eb900067bd
SSDEEP

192:zmdNT31BJ/uTRloOq+T1zCErV/hk04f1kx4dtPaT7DN2EyINUoy8pCs/k/2ll:O92oX+Bx81kx4dFmN2Ey9WpCsDl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0513114b82b11d1a34e9de012d5e5439

Files

0513114b82b11d1a34e9de012d5e5439
.exe windows:4 windows x86 arch:x86

df178c61a18034afa6709aed28e267eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord540
ord2846
ord2818
ord537
ord2764
ord6648
ord2915
ord4129
ord800

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
printf
rand
srand
time
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
__CxxFrameHandler
strncmp
atoi
strstr
exit
sprintf
_ltoa

kernel32

CreateThread
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcpyA
GetEnvironmentVariableA
lstrcatA
GetStartupInfoA
GetModuleHandleA
DeleteFileA
CopyFileA
GetLastError
lstrlenA
GetVersionExA
GlobalMemoryStatus
GetModuleFileNameA
Sleep
GetSystemDirectoryA
ExitThread
GetCurrentProcessId
GetTickCount
HeapAlloc
GetProcessHeap
GetShortPathNameA

user32

wsprintfA

comdlg32

GetFileTitleA

advapi32

RegOpenKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
DeleteService
OpenServiceA
OpenSCManagerA
SetServiceStatus
RegisterServiceCtrlHandlerA
CreateServiceA
StartServiceA
RegCloseKey
CloseServiceHandle
StartServiceCtrlDispatcherA

ws2_32

select
gethostname
sendto
gethostbyname
inet_addr
htons
setsockopt
WSASocketA
WSAStartup
htonl
connect
socket
send
inet_ntoa
closesocket
WSAGetLastError
recv
__WSAFDIsSet

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df178c61a18034afa6709aed28e267eb

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

comdlg32

advapi32

ws2_32

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 243KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 243KB