0804074adde9aa5839adcb9940619083

General

Target

0804074adde9aa5839adcb9940619083
Size

48KB
MD5

0804074adde9aa5839adcb9940619083
SHA1

ff90de02dac7efc777701b1c1cbecd30d1b55007
SHA256

f97e7e9d05a333807cb227547def20c48f70bd920c2823f737593f01b0f55b65
SHA512

82f3166fa6892670d12e1c84735237ec48a6835d52527db694b5828a1e21177c936c96a71a9e2f67b5ba41592c68dd659d5448621901597cd65ec90ea9a7dde5
SSDEEP

768:0eS2lwoIiTP+fwRZ2LHF9i3AHU8pK246RYHCRJERbIO7nToIf1/hN6l:3qiTP+2aHF9/lybIO7nToIfRhN6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0804074adde9aa5839adcb9940619083

Files

0804074adde9aa5839adcb9940619083
.dll windows:4 windows x86 arch:x86

3dcd32c4409b2c9b8d1e3407019a1592

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
tmpnam
strchr
realloc
malloc
memmove
strpbrk
_except_handler3
strtok
rand
time
memset
free
memcpy

kernel32

CreateEventA
GetTempPathA
InterlockedIncrement
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
ResetEvent
CreateFileA
CloseHandle
ReadFile
SetFilePointer
GetFileSize
lstrlenA
WriteFile
SetEvent
VirtualProtect
CreateThread

ws2_32

htons
socket
connect
WSAIoctl
shutdown
closesocket
select
__WSAFDIsSet
recv
send

shlwapi

StrCmpNIA
StrStrIA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegNotifyChangeKeyValue
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

Exports

Exports

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dcd32c4409b2c9b8d1e3407019a1592

Headers

File Characteristics

Imports

msvcrt

kernel32

ws2_32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 512B - Virtual size: 29KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 29KB

.reloc
Size: 1KB - Virtual size: 1KB