20ccfd4d893a181e9eb0bba535da48c3

Sharing

Copy URL Twitter E-mail

General

Target

20ccfd4d893a181e9eb0bba535da48c3
Size

108KB
MD5

20ccfd4d893a181e9eb0bba535da48c3
SHA1

e5e183d235a03f46e15dae3ca00adc5d82b669a5
SHA256

0d227c1b78d1a22ad614a1f2501f0b1979936fef1f674be1dbc3f473e3e3a0e0
SHA512

69d1db4e848e8d47f0146bf83256bcc301127e163cf8a854a910583fd8f1b265442703802d0927565daf18d0052c3ae229c905a104c67b8ca6ddffd7179b7f4d
SSDEEP

1536:z3SdaUmepcs3LDZd6zdiIvz3OBu5DUOFu6or:z3S8Umi3HAiozNUyor

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20ccfd4d893a181e9eb0bba535da48c3

Files

20ccfd4d893a181e9eb0bba535da48c3
.exe windows:4 windows x86 arch:x86

37cbc7ac5812c6a9b05b1e9554fba924

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSASocketA
setsockopt
htonl
sendto
inet_addr
gethostbyname
closesocket
recv
WSACleanup
WSAGetLastError
WSAStartup
socket
htons
connect
send
WSAAsyncSelect

kernel32

SetUnhandledExceptionFilter
FlushFileBuffers
ExitProcess
CreateProcessA
CopyFileA
GetModuleFileNameA
GetSystemDirectoryA
GetCurrentDirectoryA
CloseHandle
GetCurrentProcess
DeleteFileA
WriteFile
CreateFileA
ResumeThread
CreateThread
Sleep
ExpandEnvironmentStringsA
GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualAlloc
GetVersionExA
GetComputerNameA
SetFileAttributesA
GetCurrentProcessId
GetTickCount
HeapAlloc
GetProcessHeap
SetFilePointer
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetEndOfFile
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetCPInfo
GetACP
GetOEMCP
ReadFile
GlobalMemoryStatus
MultiByteToWideChar
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
RaiseException
HeapFree
TerminateProcess
GetLastError
HeapReAlloc
HeapSize
UnhandledExceptionFilter

user32

wsprintfA
DefWindowProcA
ExitWindowsEx
PostQuitMessage
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
SendMessageA
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

StartServiceCtrlDispatcherA
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA
RegOpenKeyExA
RegRestoreKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegisterServiceCtrlHandlerA
SetServiceStatus

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37cbc7ac5812c6a9b05b1e9554fba924

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 36KB - Virtual size: 55KB

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 36KB - Virtual size: 55KB