0c09c2789eb2c53d512c3ae1b959bec5

General

Target

0c09c2789eb2c53d512c3ae1b959bec5
Size

68KB
MD5

0c09c2789eb2c53d512c3ae1b959bec5
SHA1

ae74506cd1b87a3c867900035d421188a898572a
SHA256

76be6b87102aa114e630580c65b6266c0857c21b4bb9a9a81ecf7993f52a2a0b
SHA512

e0eab8eb40607dcb1a3873176f476af3549e686e21425a766117587cb65d153b5d740d349986cdad4055b03370c569b47c00a92af4b0037b69487399ae785176
SSDEEP

1536:NAcPoTpfV3nFOjchFbWx9ZqLaOSICS4A:N9oTpfFnFMchsx9vOx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c09c2789eb2c53d512c3ae1b959bec5

Files

0c09c2789eb2c53d512c3ae1b959bec5
.exe windows:4 windows x86 arch:x86

d93b2f91d1673e45f0d3d94bd9de174f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
WSACleanup
recv
socket
closesocket
inet_addr
WSAStartup
gethostbyname
gethostbyaddr
send

kernel32

lstrcmpA
lstrcatA
FindFirstFileA
FindNextFileA
HeapAlloc
HeapFree
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
ExitProcess
GetProcessHeap
CreateProcessA
GetModuleFileNameA
lstrcpynA
GetFileAttributesA
SetCurrentDirectoryA
LoadLibraryExA
CreateFileA
GetFileSize
LocalFree
ReadFile
CloseHandle
lstrlenW
lstrcpyW
GetWindowsDirectoryA
FindClose
MultiByteToWideChar
LocalAlloc
lstrlenA
lstrcmpiA
WideCharToMultiByte

user32

wsprintfA
CharLowerW
CharLowerA

advapi32

RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
CryptHashData
CryptDestroyHash
CredEnumerateA
CryptCreateHash
CryptAcquireContextA
CredFree
CryptReleaseContext
RegEnumValueA
CryptGetHashParam
RegOpenKeyA
RegCloseKey

shell32

SHGetFolderPathA

ole32

CoCreateInstance
CoTaskMemFree
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d93b2f91d1673e45f0d3d94bd9de174f

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 15KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 15KB