299a728676ae049325c2fb9124e2101c

General

Target

299a728676ae049325c2fb9124e2101c
Size

152KB
MD5

299a728676ae049325c2fb9124e2101c
SHA1

c7ef26619e8c2b63dffceff4208e023fd178d520
SHA256

a5c5acd97eb3e3ef5797715539ca1d158304b2c53d88526f69fcb8be570841c7
SHA512

4e8deea33f908942c67373eb11809106b7e316c7c9f5b5966a4415568ef45857d9714c2b565d5fbcf621a7cdf43b6745f74dfdbe0acad216e0b8de0ed2304de5
SSDEEP

1536:JGgTooz31U5X9N7uhrV0/xyS+DUvwQzV1Pq:JCa3et9N6tV0ppJvxvPq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
299a728676ae049325c2fb9124e2101c

Files

299a728676ae049325c2fb9124e2101c
.exe windows:4 windows x86 arch:x86

45b4b82e48cb0db6aacb69884e767bfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetAddConnection2A
WNetCancelConnection2A

netapi32

NetScheduleJobAdd
NetRemoteTOD
NetQueryDisplayInformation

wsock32

WSACleanup
gethostbyname
htons
gethostbyaddr
closesocket
ntohl
htonl
inet_addr
send
ioctlsocket
recv
WSAStartup
connect
socket

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

kernel32

LCMapStringA
SetStdHandle
VirtualQuery
InterlockedExchange
RtlUnwind
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
HeapSize
HeapReAlloc
HeapAlloc
SetFilePointer
HeapFree
VirtualFree
LCMapStringW
HeapDestroy
GetFileType
SetHandleCount
GetTickCount
CreateProcessA
ExpandEnvironmentStringsA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
WriteFile
CreateFileA
CopyFileA
CreateThread
Sleep
TerminateThread
GetSystemDirectoryA
GetTempPathA
GetProcAddress
LoadLibraryA
GetEnvironmentStringsW
WideCharToMultiByte
GetLocaleInfoA
FlushFileBuffers
VirtualProtect
GetSystemInfo
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStrings
GetLastError
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

wsprintfA

advapi32

RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

Sections

��t
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45b4b82e48cb0db6aacb69884e767bfb

Headers

File Characteristics

Imports

mpr

netapi32

wsock32

wininet

kernel32

user32

advapi32

shell32

Sections

����t Size: 152KB - Virtual size: 152KB

��t
Size: 152KB - Virtual size: 152KB