Static task
static1
Behavioral task
behavioral1
Sample
00b9619613bc82f5fe117c2ca394a328.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
00b9619613bc82f5fe117c2ca394a328.exe
Resource
win10v2004-20231215-en
General
-
Target
00b9619613bc82f5fe117c2ca394a328
-
Size
15KB
-
MD5
00b9619613bc82f5fe117c2ca394a328
-
SHA1
fabcd151817dc5683704a72763a23bc1d3944848
-
SHA256
e67e58bc736bd54e6915cb43af5f3c332da3592839a5a4884ba141b089310815
-
SHA512
2296c53f69df95697c902af1b51711f0d18fa2d748cc6156e409dfa1e02317d0d2a53ea448b03346e36d482c1c856e3d7ac11df110cf9995f451b1c772685de3
-
SSDEEP
384:y4Od9Q2hJy5g75aqOuHh7parHdAI0ltTvzTnN:y4aQ2hJyFqOuHhLtzz5
Malware Config
Signatures
-
Unsigned PE 1 IoCs
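Checks whether the PE file lacks an Authenticode signature. An unsigned binary is a weak indicator on its own, since many legitimate executables are also unsigned.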
resource 00b9619613bc82f5fe117c2ca394a328
Files
-
00b9619613bc82f5fe117c2ca394a328.exe windows:4 windows x86 arch:x86
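840c8e21162878d259f9fb3925bcb19c (unlabelled on this page; it differs from the file MD5 above and is presumably the PE import hash; confirm before pivoting on it)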
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyA
lstrlenA
FindClose
FindNextFileA
FindFirstFileA
lstrcatA
DeleteFileA
Sleep
CloseHandle
GetShortPathNameA
GetModuleFileNameA
CreateEventA
SetErrorMode
GetTickCount
ExitProcess
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
GetFileAttributesA
GetCurrentProcess
GetEnvironmentVariableA
GlobalMemoryStatus
GetSystemInfo
GetVersionExA
GetComputerNameA
ReadFile
GetFileSize
TerminateProcess
WaitForSingleObject
CreateProcessA
GetSystemDirectoryA
GetStartupInfoA
FlushFileBuffers
WriteFile
CreateFileA
SetFilePointer
CreateDirectoryA
GetLastError
SetPriorityClass
SetCurrentDirectoryA
user32
CharNextA
msvcrt
memcpy
??2@YAPAXI@Z
fclose
fread
fseek
memset
free
sprintf
fprintf
fwrite
_stat
atoi
strchr
strcpy
strstr
strlen
_except_handler3
rand
srand
time
strrchr
setlocale
__CxxFrameHandler
strcat
swprintf
rename
fputs
fgets
_access
__dllonexit
_onexit
??3@YAXPAX@Z
memcmp
malloc
fopen
ws2_32
send
WSAGetLastError
recv
socket
select
inet_ntoa
WSAStartup
htons
inet_addr
setsockopt
connect
closesocket
__WSAFDIsSet
WSACleanup
gethostbyname
mpr
WNetGetUserA
shell32
ShellExecuteExA
SHChangeNotify
ShellExecuteA
iphlpapi
GetAdaptersInfo
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
Sections
.text Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE