2111622fe5d058ec14e3081c039de739

Sharing

Copy URL Twitter E-mail

General

Target

2111622fe5d058ec14e3081c039de739
Size

48KB
MD5

2111622fe5d058ec14e3081c039de739
SHA1

7c9906ea1c6fbb78fd1fc3e8c31175c5419bb6c0
SHA256

eed8459c86568f6e8b76a79176496e1e5536e6abbcf4bef01cb44a730430b2b6
SHA512

80668b83600b00c8a9d5738a5a153a919e52e5aec250f58c54d8247da0c1ab4c33c4bcbaf60c86568224c3cba84404eb6eeb5883adb429c534c0656675d22bd8
SSDEEP

768:W+E9yZiSmQ2QYJotnR0khXiM1nI2EOgmCG1la:g9yQSmF9khXiMe2Pg2a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2111622fe5d058ec14e3081c039de739

Files

2111622fe5d058ec14e3081c039de739
.exe windows:4 windows x86 arch:x86

cf510ac6fe0d680d664a9ed3e5531250

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GlobalFree
GlobalAlloc
GetVersionExA
SetFileTime
GetFileTime
GetSystemDirectoryA
CreateFileA
GetCurrentProcess
Process32Next
OpenProcess
WriteFile
CreateToolhelp32Snapshot
TerminateProcess
FindNextFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
GetWindowsDirectoryA
SetCurrentDirectoryA
CopyFileA
DeleteFileA
CreatePipe
CreateProcessA
ReadFile
ExitThread
Sleep
CreateThread
CloseHandle
Process32First
GetLastError

user32

wsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

wininet

InternetCloseHandle
InternetQueryOptionA
InternetOpenA
HttpSendRequestA
InternetReadFile
HttpEndRequestA
HttpOpenRequestA
HttpSendRequestExA
InternetWriteFile
InternetConnectA

ws2_32

inet_ntoa
gethostbyname
gethostname
ntohs
WSAStartup

netapi32

Netbios

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

iphlpapi

GetTcpTable
GetUdpTable

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
strtok
__CxxFrameHandler
strstr
strncpy
_controlfp
_stricmp
_except_handler3
??2@YAPAXI@Z
??3@YAXPAX@Z
srand
time
sprintf
rand
fwrite
fclose
fopen
fread
fgetpos
fseek
_snprintf
free
malloc

psapi

GetModuleFileNameExA
EnumProcessModules

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf510ac6fe0d680d664a9ed3e5531250

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

ws2_32

netapi32

mpr

iphlpapi

msvcrt

psapi

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 1KB