222bbdbfce3e0efb4bc0737db2253401

General

Target

222bbdbfce3e0efb4bc0737db2253401
Size

24KB
MD5

222bbdbfce3e0efb4bc0737db2253401
SHA1

2f82e3c5a52b3a85541eb3a128f2364acf1b3d8a
SHA256

6a06c1967a4b27ca5351a03ccab0240828ac633cc84c096d25f137a33cbe45c2
SHA512

d6936507a3a81699a885f6c320f595a8e6e90b5bc53bf25ceee5ba6f1c024d1fc193c279806d5f8bcf36beb0417434196241a534f24154d7fdd2d87fc95e6162
SSDEEP

768:u7qx7RuKMFqGLK3od3icv7S7YC+8Kvb2:kKMFqG1N7S730vC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
222bbdbfce3e0efb4bc0737db2253401

Files

222bbdbfce3e0efb4bc0737db2253401
.dll windows:4 windows x86 arch:x86

bfd5443d771d78564cf2aeb34e0cc7bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord536
ord941
ord356
ord2770
ord668
ord2781
ord4058
ord3181
ord3178
ord540
ord2846
ord2818
ord537
ord2764
ord6648
ord4129
ord800
ord1168
ord2915
ord825

msvcrt

_adjust_fdiv
malloc
_initterm
free
strncmp
strstr
strncpy
exit
sprintf
strchr
atoi
rand
srand
__CxxFrameHandler
time
printf

kernel32

lstrlenA
CreateThread
DeleteFileA
CreateProcessA
GetSystemDirectoryA
GetCurrentProcessId
GetVersionExA
WaitForSingleObject
GetLastError
CreateMutexA
GetProcessHeap
ExitThread
Sleep
GlobalMemoryStatus
HeapAlloc
GetTickCount

user32

wsprintfA

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

urlmon

URLDownloadToFileA

ws2_32

sendto
setsockopt
WSASocketA
inet_addr
htons
WSAStartup
gethostbyname
connect
socket
send
closesocket
recv
inet_ntoa
gethostname
htonl
WSAGetLastError
__WSAFDIsSet
select

winmm

timeGetTime

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bfd5443d771d78564cf2aeb34e0cc7bf

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

urlmon

ws2_32

winmm

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 243KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 243KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB