476f864784f7125815a7c22a89a95134

General

Target

476f864784f7125815a7c22a89a95134
Size

19KB
MD5

476f864784f7125815a7c22a89a95134
SHA1

46fbdc6b23d14e27a60d74fb2db616ab2c6c750e
SHA256

9d6bd089c4fb36ef0453ebce847ac5f18f5c5788ead3bfd37e65258f2cce7952
SHA512

e8d3f56a65da7a565e24b2eed6b0a7638f2f8cf44974cb73169ff8386674df0572caf081e4cc477cf38e5af47696c9a188fdb8f3e828a1c0be9f82e8946aae48
SSDEEP

384:ud/tyUZwPF2ZnqSPM4KiiFL8Kzb43dxqT39/f2S85r:I1Tyvm09FL8Kzb43bE2S85

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
476f864784f7125815a7c22a89a95134

Files

476f864784f7125815a7c22a89a95134
.exe windows:4 windows x86 arch:x86

565c7255179f28323d147ff96d2d99ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
FindWindowExA
FindWindowA
wsprintfA

kernel32

FindNextFileA
FreeLibrary
GetDiskFreeSpaceA
GetDriveTypeA
GetLogicalDrives
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetProcAddress
GetVersionExA
GetVolumeInformationA
FindFirstFileA
GlobalMemoryStatus
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
ReadFile
SetFileAttributesA
SetFilePointer
Sleep
WideCharToMultiByte
WriteFile
FindClose
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
ExitProcess
CreateThread
CreateFileA
CopyFileA
CloseHandle
GetWindowsDirectoryA
lstrcatA

wsock32

WSAStartup
closesocket
connect
gethostbyname
gethostname
socket
recv
send

advapi32

GetSidSubAuthority
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetUserNameA
RegCloseKey
RegCreateKeyA
RegEnumKeyExA
RegQueryValueExA
RegSetValueExA
IsValidSid
LookupAccountNameA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ole32

CoTaskMemFree

rasapi32

RasGetEntryDialParamsA
RasGetEntryPropertiesA
RasEnumEntriesA

Sections

Size: 14KB - Virtual size: 13KB

IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 132KB

IMAGE_SCN_MEM_WRITE

Size: 257B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

565c7255179f28323d147ff96d2d99ae

Headers

File Characteristics

Imports

user32

kernel32

wsock32

advapi32

shell32

ole32

rasapi32

Sections

Size: 14KB - Virtual size: 13KB

Size: 2KB - Virtual size: 1KB

Size: 2KB - Virtual size: 132KB

Size: 257B - Virtual size: 257B