21782f05dc6f7a6bba45f335097fd482

General

Target

21782f05dc6f7a6bba45f335097fd482
Size

24KB
MD5

21782f05dc6f7a6bba45f335097fd482
SHA1

33178bd8af6290821da2c20271057c99f40bef28
SHA256

c88b7a45bc7418d9e248873af52fd0979d6dbb64e92a41f788c235c5c5a1443c
SHA512

11b298aaa81b11f7626bb914669a1a82361d093047e0ce83e8310b4294a72c86147ad4c3eb06ed605d683524e868f89f42ed0c18423c07166abf64aaa2e417f4
SSDEEP

192:cOji/xFBlYMKDsLNL2IgpwUEX3cUsCX3De6OQnV4OOjWWRi/qDuFXWSS+KCh0MdD:o/x15LjgAcVk32QuOO3RVDqXWSaBMdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21782f05dc6f7a6bba45f335097fd482

Files

21782f05dc6f7a6bba45f335097fd482
.exe windows:4 windows x86 arch:x86

19fbe1ffa2e31da8a72319252bb0deaf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
Process32Next
Process32First
GetSystemDirectoryA
GetModuleFileNameA
GetModuleHandleA
GetStartupInfoA
CopyFileA
GetTempPathA
CreateToolhelp32Snapshot
CloseHandle
FindFirstFileA
FindNextFileA
FindClose
WinExec
CreateFileA
ReadFile
GetPrivateProfileStringA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA

mfc42

msvcirt

??Bios@@QBEPAXXZ
?getline@istream@@QAEAAV1@PADHD@Z
??_Difstream@@QAEXXZ
?open@ifstream@@QAEXPBDHH@Z
?openprot@filebuf@@2HB
??0ifstream@@QAE@XZ
?fail@ios@@QBEHXZ

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_acmdln
exit
_XcptFilter
_exit
fopen
fseek
fread
strtok
strcmp
remove
tmpnam
strcat
__CxxFrameHandler
strcpy
strlen
printf
sprintf
memset
__getmainargs
_access
_stricmp
_strcmpi

wsock32

connect
gethostbyname
htons
socket
WSAStartup
send
closesocket
recv

Sections

zzz0
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

19fbe1ffa2e31da8a72319252bb0deaf

Headers

File Characteristics

Imports

kernel32

advapi32

mfc42

msvcirt

msvcrt

wsock32

Sections

zzz0 Size: 20KB - Virtual size: 20KB

.rsrc Size: 1KB - Virtual size: 4KB

.avp Size: 2KB - Virtual size: 4KB

zzz0
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 1KB - Virtual size: 4KB

.avp
Size: 2KB - Virtual size: 4KB