24e6c5a8e46daefaf2090989e3a8952d

Sharing

Copy URL Twitter E-mail

General

Target

24e6c5a8e46daefaf2090989e3a8952d
Size

76KB
MD5

24e6c5a8e46daefaf2090989e3a8952d
SHA1

69cb25ec18ed50e7a5b7ff3be95d07a7e4cd1b8a
SHA256

4cd61537ebe730d1feaee920870dc8ebe6c4f2c93aa48f28dc8955f26dd827c4
SHA512

05059d72d0f03a181cc9da2eb34d489cd5a50c508653bc9a366f749dabb5d84a7fce46d1f9ffa2f7d34f29e303913fae46ca44c16b0f5404ab88d55995e6663f
SSDEEP

768:Mm7xxCFjYxz6x2RxAK5uXIGcFOzl1b9gewQCd1TvBmeXAx7oQeZg3q:MrimwxH4XkcRjwQm1T7wo23q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24e6c5a8e46daefaf2090989e3a8952d

Files

24e6c5a8e46daefaf2090989e3a8952d
.exe windows:4 windows x86 arch:x86

4ceccec54a5efedb71860a5b1e743b35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
Sleep
lstrcpyA
CloseHandle
OpenFile
GetModuleFileNameA
GetSystemDirectoryA
MoveFileA
RemoveDirectoryA
CreateDirectoryA
SearchPathA
SetCurrentDirectoryA
FindFirstFileA
WaitForSingleObject
CreateThread
ReadFile
GetFileSize
GetDriveTypeA
GetVolumeInformationA
GetWindowsDirectoryA
GlobalMemoryStatus
GetComputerNameA
GetSystemInfo
GetVersionExA
CopyFileA
FindClose
FindNextFileA
OpenProcess
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
FileTimeToSystemTime
GetCurrentDirectoryA
GetLogicalDriveStringsA
PeekNamedPipe
CreatePipe
SetFileTime
GetFileTime
SetThreadPriority
GetCurrentThread
SetPriorityClass
lstrcatA
GetEnvironmentVariableA
GetShortPathNameA
LocalFree
CreateFileA
WriteFile
GetLastError
lstrlenA
LoadLibraryA
DeleteFileA
VirtualAlloc
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
GetModuleHandleA
GetProcAddress
WriteProcessMemory
SetThreadContext
ResumeThread
TerminateProcess
CreateProcessA
GetThreadContext
ReadProcessMemory
SetFilePointer
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
IsBadWritePtr
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
HeapFree
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
RaiseException

user32

IsCharAlphaNumericA

advapi32

RegQueryValueExA
RegEnumKeyExA
RegDeleteKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetUserNameA
RegOpenKeyExA
RegCloseKey
RegCreateKeyA
RegSetValueExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
CreateServiceA
RegOpenKeyA
StartServiceA

ws2_32

htons
send
select
recv
closesocket
WSACleanup
WSASocketA
inet_addr
inet_ntoa
gethostbyname
WSAStartup
gethostname
socket
connect

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

oleaut32

GetErrorInfo

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ceccec54a5efedb71860a5b1e743b35

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

wininet

oleaut32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 1KB