1416e3fae81841c64b761358427eafdd

Sharing

Copy URL Twitter E-mail

General

Target

1416e3fae81841c64b761358427eafdd
Size

39KB
MD5

1416e3fae81841c64b761358427eafdd
SHA1

91b2583dcb8c429731d98def35d67ce7d178673b
SHA256

21e98a47a23a1b734e4f2c81feff8ef54f30500fe600e0b1f8021e006123de67
SHA512

70331168038c194a6b2492def899a984bfe4e3b32324385847924826f3d999fb951571289e940db00925cbc76106fd2ebd492d8a4e5493bfbb77e5245a1206e9
SSDEEP

384:2gUQP2xZx4KvrqFqEscfGaS+/62A8tB/i/1vkVojypZDk0J9h7JcYcXUODUQnKF1:2HvWIA64tB/4W/pp5JvVzuuF9cK/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1416e3fae81841c64b761358427eafdd

Files

1416e3fae81841c64b761358427eafdd
.exe windows:1 windows x86 arch:x86

8e26a5f06ef7fcc6ca6a2f0148e84945

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

OpenProcess
GetDiskFreeSpaceA
GetDriveTypeA
SetFileTime
FindNextFileA
CreateProcessA
GetProcAddress
GetFileSize
UnmapViewOfFile
SetThreadPriority
CopyFileA
CreateFileA
CreateFileMappingA
GetSystemDirectoryA
FileTimeToSystemTime
GetModuleHandleA
CreateThread
GetFileTime
GetSystemTime
WideCharToMultiByte
Sleep
FreeLibrary
GetACP
GetCommandLineA
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GlobalAlloc
FindClose
GetVersionExA
GetSystemTimeAsFileTime
GetProcessHeap
ExitProcess
DeleteFileA
GetModuleFileNameA
GetLocalTime
GetTimeZoneInformation
FindFirstFileA
GetTempPathA
lstrcmpA
WriteFile
CloseHandle
TerminateProcess
GlobalMemoryStatus
HeapAlloc
HeapFree
LoadLibraryA
MapViewOfFile

user32

UnhookWindowsHookEx
SetWindowsHookExA
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetDC
CharUpperA
CharLowerA
GetSystemMetrics

wsock32

WSACleanup
send
socket
select
recv
ntohl
htons
htonl
gethostname
gethostbyname
gethostbyaddr
connect
closesocket
bind
accept
listen
__WSAFDIsSet
WSAStartup

advapi32

RegCreateKeyExA
RegEnumValueA
GetUserNameA
RegEnumKeyExA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA

gdi32

GetDeviceCaps

rasapi32

RasGetEntryPropertiesA
RasEnumEntriesA
RasEnumConnectionsA

Sections

CODE
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8e26a5f06ef7fcc6ca6a2f0148e84945

Headers

File Characteristics

Imports

kernel32

user32

wsock32

advapi32

gdi32

rasapi32

Sections

CODE Size: 25KB - Virtual size: 28KB

DATA Size: 10KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.reloc Size: - Virtual size: 4KB

CODE
Size: 25KB - Virtual size: 28KB

DATA
Size: 10KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.reloc
Size: - Virtual size: 4KB