0b88eca60164b878b042b0b71d574414

General

Target

0b88eca60164b878b042b0b71d574414
Size

53KB
MD5

0b88eca60164b878b042b0b71d574414
SHA1

0e6c5b838a47ddeedc69b8d82329f615f0aacf62
SHA256

4206d3aa5bf2094a4353310fe7f422187722fc0ed0ecc4d7980e14d9bdcfd6ed
SHA512

990e8e0b7761d88077d68dd23c60822060746ed00597a1e737d6e7bf281e380cc72c0c6ac9caa90afef11fa6cdd1c9a5e711651c8ee9bac83e1a19ff579b315b
SSDEEP

768:kPLl3vXzgR1wZSiuCBCFCnBbghgZuG/ku3sRKHL20:kPL5vXZSiZntr8uOA20

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b88eca60164b878b042b0b71d574414

Files

0b88eca60164b878b042b0b71d574414
.exe windows:4 windows x86 arch:x86

6ce953a98fc5c00b41cb9d40f7d9a872

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
inet_addr
sendto
closesocket
recv
send
accept
listen
socket
inet_ntoa
connect
WSAGetLastError
htons
bind
select
__WSAFDIsSet
ioctlsocket
gethostbyname

kernel32

LCMapStringA
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
SetFilePointer
LCMapStringW
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
Sleep
ExitThread
WinExec
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCurrentProcessId
CreateThread
FlushFileBuffers
HeapSize
RtlUnwind
HeapAlloc
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
HeapFree
CloseHandle
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte

advapi32

RegSetValueExA
RegOpenKeyExA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ce953a98fc5c00b41cb9d40f7d9a872

Headers

File Characteristics

Imports

wsock32

kernel32

advapi32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 14KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 14KB