15f8898db94939fe4aa2e24fa1ff7c1b

Sharing

Copy URL

Twitter E-mail

General

Target

15f8898db94939fe4aa2e24fa1ff7c1b
Size

115KB
MD5

15f8898db94939fe4aa2e24fa1ff7c1b
SHA1

adb53cca7da149992d21efc672935393a5847cc9
SHA256

6277009b0ce58adc01551c61ca4dd4ae0bbef5d0674b7c5af229afd8cce9f202
SHA512

4493b186701dd906e6649530b35cc396d9cd8b7b815848540fa3cc0ee9259e9499eeb6b75bbeb7485706f1f7a0c699dcf38bdd5d41dd4e13c9b7270e8f2920dc
SSDEEP

1536:wcHkLJF1R23gC7UIFVjqCW8wYTuZj3oOfWlHWjYR0zo1enR:wcHk/KgCw0eF8mOHEYR0zoS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15f8898db94939fe4aa2e24fa1ff7c1b

Files

15f8898db94939fe4aa2e24fa1ff7c1b
.exe windows:4 windows x86 arch:x86

464ea7ffc150d2ca87e346bd5e90f9f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
Sleep
CreateThread
GetCurrentProcessId
GetCurrentThreadId
ExitProcess
FreeConsole
InitializeCriticalSection
CreateProcessA
GetStartupInfoA
WriteFile
ReadFile
DeleteFileA
CreatePipe
HeapFree
HeapAlloc
GetProcessHeap
ExitThread
GetModuleHandleA
CreateMutexA
OpenMutexA
GetVersionExA
GetTickCount
lstrlenA
FreeLibrary
LocalFree
LoadLibraryA
GetProcAddress
WideCharToMultiByte
GetVersion
CreateFileA
CloseHandle
GetLastError
GetSystemDirectoryA
GetWindowsDirectoryA
EnterCriticalSection
GlobalAlloc
PeekNamedPipe
LeaveCriticalSection
GetTimeZoneInformation
GetEnvironmentStringsW
GetSystemTime
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetEnvironmentStrings
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
SetStdHandle
GetFileAttributesA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetCPInfo
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
WaitForSingleObject
GetExitCodeProcess
SetUnhandledExceptionFilter
GetStdHandle
GetFileType
MultiByteToWideChar
GetLocalTime
RtlUnwind
TlsGetValue
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
RaiseException
TlsSetValue
TlsAlloc
SetLastError
HeapSize
SetFilePointer
TerminateProcess
GetCurrentProcess
HeapReAlloc
FlushFileBuffers
DeleteCriticalSection
SetHandleCount

user32

KillTimer
FindWindowA
wsprintfA
GetMessageA
DispatchMessageA
TranslateMessage
SendMessageA
SetTimer
PostMessageA

advapi32

OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
ControlService
OpenSCManagerA
IsTextUnicode
RegCloseKey
RegQueryValueExA
RegEnumKeyA
RegOpenKeyExA
RegSetValueExA

shell32

ShellExecuteA

ws2_32

WSAStartup
inet_addr
setsockopt
ntohl
htons
listen
WSAAccept
__WSAFDIsSet
recvfrom
WSAGetLastError
select
gethostbyname
htonl
shutdown
WSASocketA
bind
getsockname
connect
getpeername
inet_ntoa
ntohs
closesocket
send
recv
sendto

wininet

InternetGetConnectedState

oleaut32

GetErrorInfo

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

464ea7ffc150d2ca87e346bd5e90f9f4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

wininet

oleaut32

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 32KB - Virtual size: 37KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 32KB - Virtual size: 37KB