07cc8a7cd576d246fc0c1b26304dfde9

Sharing

Copy URL Twitter E-mail

General

Target

07cc8a7cd576d246fc0c1b26304dfde9
Size

160KB
MD5

07cc8a7cd576d246fc0c1b26304dfde9
SHA1

8c38603d224f90cd105aa08c092487e2e1ef78e9
SHA256

f004d97083610ac1c3a9415478f8cc81d812fbd5749346df97319866c0b17f10
SHA512

d31e5c56f766f106866178e8ecaac61f7af47197955cc5bb5ce0d1807d57e7155b664bc744305f9ad84e130bc5dc393f2fedc6bda0da114dfe462d92ed779b8e
SSDEEP

3072:d3afMEBVh3SPPhZGkL9BcBLKJxRBlO+lJVUIcQxeB5moKvf:d3afMGLkPcB2/js+lJVUI7Q5mlf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07cc8a7cd576d246fc0c1b26304dfde9

Files

07cc8a7cd576d246fc0c1b26304dfde9
.exe windows:4 windows x86 arch:x86

3cc7a8a93511fb69a6bb0121ead1e14f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

shutdown
htonl
select
ntohl
WSAStartup
bind
accept
listen
recv
send
socket
closesocket
connect
ioctlsocket
htons
inet_addr
gethostname
gethostbyname
getsockname

kernel32

GetModuleHandleA
ResetEvent
WaitForMultipleObjects
ReadFile
GetProcAddress
CreateThread
GetSystemDirectoryA
LoadLibraryA
TerminateThread
ResumeThread
CreateMutexA
WaitForSingleObject
SetEvent
lstrcpynA
lstrcpyA
ReleaseMutex
FreeLibrary
GetCurrentThreadId
WideCharToMultiByte
GetACP
SetFilePointer
SetFileTime
WriteFile
GetFileSize
GetFileTime
SetEndOfFile
lstrcmpiA
CreateFileA
lstrlenA
GetLastError
CreateFileMappingA
SetConsoleCtrlHandler
TerminateProcess
GetCurrentProcess
GetTickCount
HeapAlloc
GetProcessHeap
OpenFileMappingA
GetComputerNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetVersionExA
CreatePipe
OpenMutexA
DuplicateHandle
OpenProcess
GetWindowsDirectoryA
DeleteFileA
MoveFileExA
GetLocalTime
FindClose
FindFirstFileA
CreateDirectoryA
GetMailslotInfo
CreateMailslotA
GetCurrentProcessId
UnhandledExceptionFilter
FreeEnvironmentStringsA
lstrcatA
CloseHandle
CreateEventA
OpenEventA
RtlUnwind
DeviceIoControl
GetFileType
Sleep
GetCPInfo
GetStdHandle
GetOEMCP
GetStringTypeA
GetStringTypeW
CompareStringA
SetStdHandle
FlushFileBuffers
CompareStringW
SetEnvironmentVariableA
UnmapViewOfFile
MapViewOfFile
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
LCMapStringA
MultiByteToWideChar
LCMapStringW
HeapReAlloc
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
DeleteCriticalSection
HeapDestroy
HeapCreate
SetLastError
SetHandleCount
GetEnvironmentStringsW
GetTimeZoneInformation
TlsGetValue
TlsSetValue
GetEnvironmentStrings
FreeEnvironmentStringsW
HeapFree
TlsAlloc
ExitProcess
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion

user32

GetForegroundWindow
wsprintfA
GetMessageA
DispatchMessageA
TranslateMessage
DefWindowProcA
CreateWindowExA
RegisterClassA
MapVirtualKeyExA
GetKeyState
GetKeyboardLayoutList
MessageBoxA
AttachThreadInput
PeekMessageA
RegisterWindowMessageA
SendMessageTimeoutA
GetWindowThreadProcessId
GetWindowTextA
GetKeyboardLayout

advapi32

SetSecurityDescriptorDacl
StartServiceCtrlDispatcherA
InitializeSecurityDescriptor
SetServiceStatus
RegOpenKeyA
RegisterServiceCtrlHandlerA
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
SetKernelObjectSecurity
GetSecurityDescriptorDacl
RegCloseKey
FreeSid
AddAccessAllowedAce
GetKernelObjectSecurity
AllocateAndInitializeSid
GetUserNameA
GetLengthSid
DeleteService
OpenServiceA
CloseServiceHandle
RegDeleteKeyA
RegDeleteValueA
OpenSCManagerA
RegSetValueExA
InitializeAcl

oleaut32

SysFreeString

ole32

CoInitialize

mpr

WNetCancelConnection2A
WNetAddConnection2A

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ptext
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3cc7a8a93511fb69a6bb0121ead1e14f

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

oleaut32

ole32

mpr

Sections

.text Size: 124KB - Virtual size: 121KB

.ptext Size: 8KB - Virtual size: 4KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 81KB

.text
Size: 124KB - Virtual size: 121KB

.ptext
Size: 8KB - Virtual size: 4KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 81KB