1e9561897cfea97a462024de7e05ad60

General

Target

1e9561897cfea97a462024de7e05ad60
Size

18KB
MD5

1e9561897cfea97a462024de7e05ad60
SHA1

76841b6dc11f59d85e76d18659eae3dc9cee008c
SHA256

3907f4e512b7d93033e3b67afda2fef0154d7509fc566d570daf9624f331bdac
SHA512

2c9599f7af8f567d6441dede50555050e464f7a5bf5343201565ddd7cca6e78aa61cb66019467898700d19779d3e9293d4dd56872203a3e661c1bb4b8e66cacc
SSDEEP

384:iRZ177MwhFl2DjsBucAmhCGn25sK5lVGCx8HU9qf1dJlszJP+XUWViWGY:iVfMwTlHcVmhCGnQsK5LbxCU0f1drszs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e9561897cfea97a462024de7e05ad60

Files

1e9561897cfea97a462024de7e05ad60
.dll windows:4 windows x86 arch:x86

2cb512f1563fcd79237ea700037baf82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetTickCount
Sleep
IsBadReadPtr
GlobalFree
lstrcatA
lstrcpynA
lstrcpyA
GlobalAlloc
VirtualProtect
GetProcAddress
lstrlenA
VirtualFree
LoadLibraryA
VirtualAlloc
ResumeThread
CreateThread
CloseHandle
ReadFile
GetFileSize
CreateFileA
GetWindowsDirectoryA
lstrcmpiA
DeleteFileA
ExpandEnvironmentStringsA
GetModuleFileNameA
_lclose
_lopen
GetPrivateProfileStringA
GetPrivateProfileIntA
_lcreat
GetTempPathA
CopyFileA
GlobalReAlloc
GlobalSize
WriteFile
SetFilePointer

user32

wsprintfA
CharLowerBuffA

shell32

ShellExecuteA

ole32

CoCreateGuid

msvcrt

fclose
fprintf
fopen
fscanf
memset
_onexit
memcpy
strlen
strstr
__dllonexit

ws2_32

gethostname
WSAStartup
gethostbyname

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cb512f1563fcd79237ea700037baf82

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

msvcrt

ws2_32

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB