3db55e331023705cc6e1bf81a6be37db

General

Target

3db55e331023705cc6e1bf81a6be37db
Size

70KB
MD5

3db55e331023705cc6e1bf81a6be37db
SHA1

9d94086f0302c4b8b3dee93db0dd9e5e953d3f58
SHA256

bdd9807d54a008512b3ab551dfeb9dbd5f23aeb5df94a53f8f97077fd03c744b
SHA512

88ce3fc795f24a105c586981d2f78b6c75c2810619e228f5cdb39d9560a8d5d03d6948e1c4324fb83f99ee278bc4d409de3b94954c33f3c486bf6af7be258e8b
SSDEEP

768:94WywLHaS4hWOxYxEOLGg9QZoSO9hPpbnmO27ENIK9jZAN/iB9POGoBaW38Aob6I:WW9L6DhTYqXpSSO9+sIK5GLGEo+jj86

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3db55e331023705cc6e1bf81a6be37db

Files

3db55e331023705cc6e1bf81a6be37db
.exe windows:4 windows x86 arch:x86

ee64c524cf57b7ead2ecbbf12c530fa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
Sleep
LeaveCriticalSection
EnterCriticalSection
GetTickCount
GetLastError
CreateThread
DeleteCriticalSection
LoadLibraryA
GetProcAddress
GetModuleHandleA
SetFileTime
CloseHandle
GetFileTime
CreateFileA
GetComputerNameA
GetLocaleInfoA
GetVersionExA
CreateProcessA
OpenProcess
GetCurrentProcessId
CopyFileA
SetFileAttributesA
GetSystemDirectoryA
ExitProcess
WaitForSingleObject
CreateMutexA
GetTempPathA
GetModuleFileNameA
SetErrorMode
GetLocalTime
TerminateThread
ReadFile
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
GetStringTypeW
GetStringTypeA
SetFilePointer
WriteFile
FlushFileBuffers
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
TerminateProcess
GetCurrentProcess
GetStartupInfoA
GetCommandLineA
GetVersion
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount

shell32

ShellExecuteA

ws2_32

inet_ntoa
htons
inet_addr
gethostbyaddr
getsockname
WSAStartup
WSACleanup
closesocket
socket
send
recv
connect
gethostbyname

wininet

InternetOpenA

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 646KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ee64c524cf57b7ead2ecbbf12c530fa3

Headers

File Characteristics

Imports

kernel32

shell32

ws2_32

wininet

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 10KB - Virtual size: 646KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 10KB - Virtual size: 646KB