15beaf1d2121a65e7858e87c37123393

Sharing

Copy URL

Twitter E-mail

General

Target

15beaf1d2121a65e7858e87c37123393
Size

696KB
MD5

15beaf1d2121a65e7858e87c37123393
SHA1

e573240ee1f494ff359e32a88ec931f60d7913ac
SHA256

f9cce5f6dc62bf421712e60caa1aec5045d3cf4e1648266dfed6fb76aafd278f
SHA512

dbe7e0a2e90c4aa4f7ee7d608c39bac29dfe78e6c1b501f25718450af03aa54da5d72122ff035b34a88c4d96c1a86b4c04304b044472ea37b1246cb74a061be9
SSDEEP

12288:76GQNw4R1mxaibSDx5QTOqzbGGzrumE3JTnFpoKFTp5AEUV:76qkfibSDx5QSqz1zimE3JZpx18EM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15beaf1d2121a65e7858e87c37123393

Files

15beaf1d2121a65e7858e87c37123393
.exe windows:4 windows x86 arch:x86

195bc39c2feac1598acc133e2a5ac1cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
ResumeThread
WaitForMultipleObjects
GetLastError
CreateFileMappingA
CreateProcessA
GetCommandLineA
CreateEventA
OpenFileMappingA
GetCurrentProcessId
SetConsoleTitleA
SetConsoleCtrlHandler
FreeConsole
GetProcAddress
TerminateThread
WaitForSingleObject
CreateThread
MapViewOfFile
CloseHandle
UnmapViewOfFile
SetEvent
SleepEx
GetStdHandle
GetConsoleScreenBufferInfo
GetSystemTime
GetModuleHandleA
GetModuleFileNameA
InterlockedIncrement
SetStdHandle
SetFilePointer
GetConsoleMode
SetConsoleMode
ReadConsoleInputA
PeekNamedPipe
GetFileInformationByHandle
LocalFileTimeToFileTime
GlobalMemoryStatus
FreeLibrary
LoadLibraryA
GetVersionExA
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
SetLastError
FindClose
FindFirstFileA
MoveFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
EnterCriticalSection
LeaveCriticalSection
GetTimeZoneInformation
GetLocalTime
ExitProcess
GetCurrentProcess
CreateDirectoryA
HeapAlloc
HeapReAlloc
HeapFree
GetVersion
RtlUnwind
InterlockedDecrement
SystemTimeToFileTime
WideCharToMultiByte
TlsSetValue
TlsAlloc
TlsGetValue
WriteFile
InitializeCriticalSection
GetFullPathNameA
GetCurrentDirectoryA
FlushFileBuffers
DeleteCriticalSection
ReadFile
SetHandleCount
GetFileType
GetStartupInfoA
SetFileTime
CompareStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
CreateFileA
GetCPInfo
GetACP
GetOEMCP
CompareStringA
GetFileAttributesA
SetEnvironmentVariableA
SetEndOfFile
FlushConsoleInputBuffer
SetFileAttributesA
DeleteFileA

wsock32

getsockname
getpeername
listen
htons
socket
setsockopt
bind
select
connect
accept
ntohs
WSAStartup
WSACleanup
gethostbyname
WSASetLastError
shutdown
ioctlsocket
WSAGetLastError
inet_addr
closesocket
send
recv

gdi32

DeleteDC
DeleteObject
GetBitmapBits
BitBlt
GetObjectA
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
CreateDCA

Sections

.text
Size: 484KB - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

195bc39c2feac1598acc133e2a5ac1cb

Headers

File Characteristics

Imports

kernel32

wsock32

gdi32

Sections

.text Size: 484KB - Virtual size: 483KB

.rdata Size: 108KB - Virtual size: 107KB

.data Size: 100KB - Virtual size: 146KB

.text
Size: 484KB - Virtual size: 483KB

.rdata
Size: 108KB - Virtual size: 107KB

.data
Size: 100KB - Virtual size: 146KB