47f7fd6a2705b7c718cd366dc81dbd08

General

Target

47f7fd6a2705b7c718cd366dc81dbd08
Size

41KB
MD5

47f7fd6a2705b7c718cd366dc81dbd08
SHA1

55ef52bf3a6036fbafc9e0865e3fa7573d4b6937
SHA256

59fd718855e374515e328943b8931bfc5c553fc615033eeb339f7053ef6e13cc
SHA512

3a1ed643373ec207cbd71197b882b6b634f3f414e2adc294dc7a3bd5307dcc0bb3cc7748fd969a25b5af81774eea179a2982878ce1c8e72d948d0bf3840914ba
SSDEEP

768:zKrcSmGW8b0VtMyMEbp5nbZG20MgfsTSsojZZUD:zK2tYEDnbZFgfCSsiOD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47f7fd6a2705b7c718cd366dc81dbd08

Files

47f7fd6a2705b7c718cd366dc81dbd08
.exe windows:4 windows x86 arch:x86

eb8c44e034750e6a0e50a5973053fb11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
inet_addr
sendto
recv
closesocket
send
accept
listen
socket
inet_ntoa
connect
WSAGetLastError
htons
bind
select
__WSAFDIsSet
ioctlsocket
gethostbyname

kernel32

LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
SetFilePointer
LCMapStringW
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
Sleep
WinExec
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCurrentProcessId
FlushFileBuffers
HeapSize
GetCommandLineA
HeapAlloc
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
HeapFree
RtlUnwind
GetStartupInfoA
CloseHandle
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
InterlockedExchange
VirtualQuery
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

advapi32

RegSetValueExA
RegOpenKeyExA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

eb8c44e034750e6a0e50a5973053fb11

Headers

File Characteristics

Imports

wsock32

kernel32

advapi32

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 16KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 16KB