0cc1493b14adeacfc20b73b0b8369bb2

General

Target

0cc1493b14adeacfc20b73b0b8369bb2
Size

32KB
MD5

0cc1493b14adeacfc20b73b0b8369bb2
SHA1

4c1c26655c7e099c81a56c30510709e714a27507
SHA256

83d6221ce293ba2450f09ab46c6d96ee53f9746afc98476d4db228553c37a6cb
SHA512

8400c8f469401f1d90e442bdf64cc97c8c15d807b0f3762bbae67f5486e00542e1c78f4434b2a252111ffa2ac18e3979710b4ba589b1102fc9adff89baa6f11c
SSDEEP

384:Hk8ziKTmcRyHAtsmWYnStNvnTz+qYkRbxRTFVK1a8:Hk8xScRyMWy0N7z+lKxRXK88

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cc1493b14adeacfc20b73b0b8369bb2

Files

0cc1493b14adeacfc20b73b0b8369bb2
.exe windows:4 windows x86 arch:x86

26f43abfb5137fd1934d6471366243c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
GetFileInformationByHandle
CreateFileA
GetSystemDirectoryA
GetProcAddress
LocalFree
lstrlenA
GetVersionExA
IsBadReadPtr
GlobalFree
GlobalAlloc
CreateThread
ReadFile
GetFileSize
LoadLibraryA
GetModuleFileNameA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapFree
GetCurrentProcess
CloseHandle
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
GetModuleHandleA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
WriteFile
lstrcatA
TerminateProcess
GetSystemTimeAsFileTime
RtlUnwind

user32

wsprintfA
MessageBoxA

advapi32

GetSecurityInfo
GetUserNameA
SetEntriesInAclA
SetSecurityInfo
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

ws2_32

select
recv
WSACleanup
htons
inet_addr
ioctlsocket
accept
listen
bind
__WSAFDIsSet
closesocket
send
socket
WSAStartup
connect

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26f43abfb5137fd1934d6471366243c7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 132KB

.CRT Size: 4KB - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 132KB

.CRT
Size: 4KB - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 176B