0cdc5994af95800ffff856264ddd45d4

General

Target

0cdc5994af95800ffff856264ddd45d4
Size

64KB
MD5

0cdc5994af95800ffff856264ddd45d4
SHA1

f2d67167a2a7a7a1767a33629d0b19f6f0023d13
SHA256

e9da822c86f988ce8d4dc8067d7ec9238b19b978e2841391a8474aa26acf4926
SHA512

87fc2a3cbc2dfe7e2495e80637adf98db139fdacb4c91c3a246b9da47ff84281bbf8b103621320192223670cee74724c614e0d50c1c4a9db9ea1077f700f65a8
SSDEEP

768:iQlHRQCATb6cKgE/qfdYI7LDJXUnQ3aJKxgo+GYZRg0sos9GhKF2n3dVdkooWZX:dGboHIjJT3Wn607lMF23ToI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0cdc5994af95800ffff856264ddd45d4

Files

0cdc5994af95800ffff856264ddd45d4
.exe windows:4 windows x86 arch:x86

6ee8ce64f394ada5414ad20a2cb87cde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
ResumeThread
SuspendThread
GetModuleFileNameA
SetEvent
DeleteCriticalSection
InitializeCriticalSection
lstrcmpiA
GetLastError
EnterCriticalSection
GetLocalTime
LeaveCriticalSection
GlobalAlloc
IsBadWritePtr
WaitForSingleObject
GlobalLock
GlobalUnlock
CreateThread
GlobalFree
LCMapStringA
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
ReadFile
CreateFileA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetFilePointer
IsBadCodePtr
IsBadReadPtr
LCMapStringW
SetUnhandledExceptionFilter
VirtualAlloc
WriteFile
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
HeapFree
RaiseException
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree

advapi32

RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
OpenServiceA
QueryServiceStatus
DeleteService
OpenSCManagerA
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
SetServiceStatus

ole32

CoInitialize
CoUninitialize
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
GetHGlobalFromStream
CoCreateInstance

wsock32

WSAStartup
socket
htonl
bind
WSACleanup
listen
accept
closesocket
send
recv
WSAGetLastError
WSASetLastError
htons

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ee8ce64f394ada5414ad20a2cb87cde

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

wsock32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 11KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 11KB