008022d94f0c769fae7c041e81067332 | Triage

Sharing

General

Target

008022d94f0c769fae7c041e81067332
Size

25KB
MD5

008022d94f0c769fae7c041e81067332
SHA1

48ccd9a2f5b85594c0060f47a7397bd01eb21fee
SHA256

97608b7cca856cf39d09dbb8fb2faaaf0aeba314d26ed2c433200f470ffcf4b7
SHA512

cfe5890f82c93edb5d4d37481ffc8cc49b2be42944562a6f0d696fb9dc800338b6b48d9475333a7bd99f7eb875eecd1cd5a87bc3b236959dea58862f4c68b25d
SSDEEP

384:Nw8SVzbDkSKOHV+E7waxqlHKfPXgX3ZFtD2ElwnZ8riw1e83QUiE076xjhQ6T7/F:O33vKe3f3fPXCFtD29WrzL3QIp7Nx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
008022d94f0c769fae7c041e81067332

Files

008022d94f0c769fae7c041e81067332
.exe windows:4 windows x86 arch:x86

b8b690144fc5c5b99bfaeb7598590af2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTime
GetTickCount
MoveFileA
DeleteFileA
GetVersion
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetWindowsDirectoryA
GetSystemDirectoryA
FindClose
QueryPerformanceCounter
ExitProcess
GetLastError
CreateSemaphoreA
WinExec
GetCurrentDirectoryA
GetEnvironmentVariableA
CreateDirectoryA
CopyFileA
SetCurrentDirectoryA
GetModuleFileNameA
WritePrivateProfileStringA
FindNextFileA
GetFileSize
ReadFile
CreateFileA
WriteFile
CloseHandle
GlobalFree
GlobalReAlloc
FindFirstFileA
GlobalAlloc

shell32

ShellExecuteA

advapi32

RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegDeleteKeyA
RegSetValueExA

user32

FindWindowA

shlwapi

PathFileExistsA

ws2_32

WSAStartup
htons
socket
connect
closesocket
gethostbyname

wininet

InternetCrackUrlA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE