1f3ca85b8ad47ad153d7aabe05493140

General

Target

1f3ca85b8ad47ad153d7aabe05493140
Size

24KB
MD5

1f3ca85b8ad47ad153d7aabe05493140
SHA1

96956c3f33daac27d898f5ffee84a9863ef71978
SHA256

b32ea3e8b7b4a2d0c2224a3e9d29f9d469362d8d6512952e2fe336af7567ff66
SHA512

924a9467c42d6417a06a6aac3ee586def3f5f31627fff652b6c02894d3194fac72296cceecb7919e09409636fd8f9719dfff0e4819515ca9203a1e78e4c380bc
SSDEEP

384:Jtw6BPpWP4FbfXtHFAH3vrZGXfiOdXLqnIDe1xW:g6BPpg6ztCvlGldXenID4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f3ca85b8ad47ad153d7aabe05493140

Files

1f3ca85b8ad47ad153d7aabe05493140
.exe windows:4 windows x86 arch:x86

245a5e2ae8df24f700977cdc5f7fd4f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
ntohs
WSACleanup
closesocket
select
recv
socket
htons
connect
send
inet_addr
gethostbyname

kernel32

GetTempFileNameA
GetTempPathA
GetFileInformationByHandle
WriteFile
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
PeekNamedPipe
WaitForMultipleObjects
CreateThread
GetFileSize
CreatePipe
GetVersionExA
LocalFree
UnmapViewOfFile
MapViewOfFile
FreeLibrary
GetProcAddress
LoadLibraryA
DeleteFileA
GetComputerNameA
CreateFileA
SetFilePointer
ReadFile
CloseHandle
GetStartupInfoA
GetLastError
GetModuleFileNameA
Sleep
GetModuleHandleA
CreateProcessA

advapi32

DeleteService
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
CreateServiceA
ChangeServiceConfig2A
StartServiceA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
ControlService
RegDeleteKeyA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegCreateKeyExA
RegSetValueExA
RegCloseKey

msvcrt

__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
_stricmp
_adjust_fdiv
memcpy
memset
strcpy
strcat
strlen
atoi
isdigit
strstr
strcmp
strncpy
_beginthreadex
sprintf
free
time
malloc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

245a5e2ae8df24f700977cdc5f7fd4f6

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB