00704a21c9b8c1aa1f32b4fca4cdbe0a

General

Target

00704a21c9b8c1aa1f32b4fca4cdbe0a
Size

156KB
MD5

00704a21c9b8c1aa1f32b4fca4cdbe0a
SHA1

6578984533c9f92424968fa37049f856c2ae6284
SHA256

3d908f02b2028c17ec49c0eece029ecc6a1be7eb1c540b1379256115d86a72a8
SHA512

8f50afdcd3ca4e90ef30fc64ce6ec99c3d04700d5bf6dc3d73d33816d19d5f132e245235a8bbd8a0411bf5e585b4f53da84077b5e1cd63f216ac68711b063df3
SSDEEP

3072:8fMhALYnp8Rksu79s+d1f0qPOFoJm6FJ2saA1p4uPkrYYZTOH30:4MhALYniRlUd1N9m1BQFkfZY0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00704a21c9b8c1aa1f32b4fca4cdbe0a

Files

00704a21c9b8c1aa1f32b4fca4cdbe0a
.exe windows:4 windows x86 arch:x86

16bacde7b49242cef9ab84b9c9575a54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
CloseHandle
WriteFile
LockResource
CreateFileA
LoadResource
SizeofResource
FindResourceA
GetProcAddress
LoadLibraryA
DeleteFileA
Sleep
CompareStringW
CompareStringA
SetEndOfFile
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetLastError
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEnvironmentVariableA

user32

DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
SetTimer

ws2_32

connect
htons
socket
gethostbyname
gethostname
closesocket
recv
send
WSACleanup
WSAStartup

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16bacde7b49242cef9ab84b9c9575a54

Headers

File Characteristics

Imports

kernel32

user32

ws2_32

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 16KB - Virtual size: 20KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 16KB - Virtual size: 20KB

.rsrc
Size: 52KB - Virtual size: 51KB