1b2b61116c42095cde9df38094e9f711

Sharing

Copy URL Twitter E-mail

General

Target

1b2b61116c42095cde9df38094e9f711
Size

26KB
MD5

1b2b61116c42095cde9df38094e9f711
SHA1

ad14e02b29b9d1ce4191642092cb24e1395a6789
SHA256

dd481cf5de909f82c10d3c661bf6b178191e00ab9ccdac17d8b479c6d78b869f
SHA512

0af1d32283fe72c4dd8837ef94de756344c7805179bb632f0cb376492cf831d7d34432c07cfbcb37ca26f8228c31cb3eb678ccfb579f1c0c8996cd87a1607336
SSDEEP

192:UtPevNx7yqmrqrpMznNrtBRnVLrC4Q4Y6gRMNM2C0XScGpieF6okq:cer7rm2rp0NXHCoYNKC0XScGr6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b2b61116c42095cde9df38094e9f711

Files

1b2b61116c42095cde9df38094e9f711
.exe windows:4 windows x86 arch:x86

7176f8edbc84c37397143ac594323963

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

recv
__WSAFDIsSet
WSACleanup
inet_addr
gethostbyname
getsockname
WSAStartup
htons
WSAAsyncSelect
bind
setsockopt
listen
accept
closesocket
socket
connect
select
send

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentProcess
CreateMutexA
WaitForSingleObject
SetConsoleCtrlHandler
GetStdHandle
AllocConsole
FreeLibrary
GetProcAddress
LoadLibraryA
ExitThread
CreateThread
Sleep
ExitProcess
CloseHandle
CreateProcessA
OpenProcess
GetCurrentProcessId
CopyFileA
SetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
FatalAppExitA
CreateFileA
WriteFile

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey

ole32

CoCreateInstance

oleaut32

SysStringLen
SysAllocString
SysFreeString

msvcr80d

_lock
_onexit
_decode_pointer
_except_handler4_common
__dllonexit
_unlock
_invoke_watson
_controlfp_s
_crt_debugger_hook
_initterm_e
_initterm
strstr
_CrtDbgReportW
setvbuf
__iob_func
_fdopen
_open_osfhandle
printf
memset
memcpy
strlen
sprintf
rand
_stricmp
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_amsg_exit
__getmainargs
_exit
_XcptFilter
_cexit
exit
_ismbblead
_acmdln
_CrtSetCheckCount

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7176f8edbc84c37397143ac594323963

Headers

File Characteristics

Imports

ws2_32

kernel32

advapi32

ole32

oleaut32

msvcr80d

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1KB - Virtual size: 1KB