2964c12772ef6601d16ad28f34056af2

General

Target

2964c12772ef6601d16ad28f34056af2
Size

51KB
MD5

2964c12772ef6601d16ad28f34056af2
SHA1

42229fa8bf657582f43a39d8ebedc512d2ce7a3a
SHA256

487bc3cf36728c3de5addca50ca66cb07add8657f07bf7122657159c38ce09fc
SHA512

e1b25b2dce0b68acbc128c084f9d233e50359fefd0b9ccc752a2dda588a1f8b7f97c9431878598f5c6f7073280b514789af742fa010f7b2490aa4ff461ec4261
SSDEEP

768:HGjd9KhCw59qGpTpmLkOZ5HfkDQ+i//R8800Er7MoVLGEYJWVKV1v0:s9fw59qGp565/Ili3R2mJWVKV10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2964c12772ef6601d16ad28f34056af2

Files

2964c12772ef6601d16ad28f34056af2
.exe windows:4 windows x86 arch:x86

ffdb3d2cdf0f1c8e247ecef592d30fde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

bind
gethostname
accept
shutdown
recv
WSAStartup
socket
gethostbyname
htons
connect
send
closesocket
listen
WSACleanup

psapi

EnumProcessModules
GetModuleFileNameExA

kernel32

CreateProcessA
GetStartupInfoA
GetModuleHandleA
LocalFree
SetErrorMode
GetConsoleWindow
CreateMutexA
GetLastError
GetTickCount
lstrcmpA
lstrcpynA
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GetLogicalDriveStringsA
GetDriveTypeA
SetFileAttributesA
lstrlenA
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
GetVolumeInformationA
GetTempFileNameA
GetModuleFileNameA
GetTempPathA
Sleep
Process32Next
DeleteFileA
TerminateProcess
CloseHandle
OpenProcess
Process32First
CreateToolhelp32Snapshot
ExitProcess
GetCurrentProcessId
CreateThread
GlobalAlloc

user32

DispatchMessageA
TranslateMessage
GetMessageA
IsCharAlphaNumericA
wsprintfA
ShowWindow

ole32

CoCreateInstance
OleUninitialize
OleInitialize

oleaut32

VariantInit
VariantCopy
VariantClear
SysFreeString
GetErrorInfo

msvcrt

_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
_unlink
exit
_XcptFilter
_exit
_CxxThrowException
__argc
__argv
srand
_strcmpi
_strdup
wcslen
memcmp
??2@YAPAXI@Z
??3@YAXPAX@Z
free
strcat
strcpy
sprintf
fclose
fgets
fopen
_except_handler3
malloc
fputs
toupper
rand
strstr
strrchr
strcmp
fwrite
ftell
fseek
memset
strtok
printf
strlen

Sections

.bss
Size: - Virtual size: 421KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ffdb3d2cdf0f1c8e247ecef592d30fde

Headers

File Characteristics

Imports

ws2_32

psapi

kernel32

user32

ole32

oleaut32

msvcrt

Sections

.bss Size: - Virtual size: 421KB

.data Size: 35KB - Virtual size: 35KB

.bss
Size: - Virtual size: 421KB

.data
Size: 35KB - Virtual size: 35KB