41fd2bf959525d288261d7c8430f0e3f

Sharing

Copy URL

Twitter E-mail

General

Target

41fd2bf959525d288261d7c8430f0e3f
Size

52KB
MD5

41fd2bf959525d288261d7c8430f0e3f
SHA1

a78223e4d84e6d4567bdb04902bbe6b1c7a17fd0
SHA256

8cbd11e75b80270aaa3c61267b937d6185efb175b6aa21f2b6aca32cba9ad479
SHA512

1f98b131b5fe92d700fb90e90def079b10713e82e5d6083f821695b4ab24172e0dbe125e44b63a837b666bfb208f9550c64f51a018a5d306f3cbfb550b3d14ea
SSDEEP

768:RqvM4Avxt2jst34l4GhoVwFMrptDGqNJ7Ir:6VWUj0GhOw6rptfNa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41fd2bf959525d288261d7c8430f0e3f

Files

41fd2bf959525d288261d7c8430f0e3f
.exe windows:4 windows x86 arch:x86

f71c6fafd54530ac017d8988584b312a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSACleanup
send
recv
getsockname
socket
htons
connect
WSAGetLastError
select
__WSAFDIsSet
WSAIoctl
ioctlsocket
inet_addr
gethostbyname
shutdown
closesocket

kernel32

GetStartupInfoW
GetCurrentThreadId
Sleep
SetErrorMode
WaitForMultipleObjectsEx
TerminateThread
GetModuleFileNameW
CreateEventW
GetLastError
CloseHandle
GetModuleHandleW
FindResourceExW
SizeofResource
LoadResource
GetShortPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
SetFileAttributesA
GetTickCount
GetFileSize
GetCurrentProcess
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GlobalUnlock
CreateThread
RemoveDirectoryA
lstrcatA
GetVersion
lstrcmpA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetModuleHandleA
LoadLibraryExA
GetProcAddress
MultiByteToWideChar
WritePrivateProfileStringA
ReadFile
MulDiv
FindClose
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
MsgWaitForMultipleObjectsEx
PostThreadMessageW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

msvcrt

srand
_ftol
_exit
_XcptFilter
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
wcstombs
_wcsdup
exit
_beginthreadex
_wstat
rand
_errno
??2@YAPAXI@Z
_controlfp
malloc
wcslen
free
time
??3@YAXPAX@Z
__CxxFrameHandler
_cexit
_c_exit
sprintf
sscanf
fprintf
_iob
isdigit
islower
__initenv

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f71c6fafd54530ac017d8988584b312a

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 36KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 156B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 156B

.rsrc
Size: 4KB - Virtual size: 1KB