497e57ef8b3246fac3774c05f23baefc

Sharing

Copy URL Twitter E-mail

General

Target

497e57ef8b3246fac3774c05f23baefc
Size

29KB
MD5

497e57ef8b3246fac3774c05f23baefc
SHA1

f1e569a326c84980c4f5eea8a5fd0c9339290c07
SHA256

6e10a01dd0ff5b8748bd609338e0a7771fdbea0309f9482fe7ca283be73780e5
SHA512

3a15cb06d072b0e9757495a0bf5b36b80d3e0bddaee1937aa355874e0b909fee81c3955a52f9e2315395acabb909c9e54c77896c7a1cc0853e92d6b84b1bf8ce
SSDEEP

96:1emg0DwyipFP0Dwyi9zB6asjMHgvjnt431C+d5gTYWjDrU3Becz2xnz+F098tg1n:1emfw1Tgw1TngvRXme1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
497e57ef8b3246fac3774c05f23baefc

Files

497e57ef8b3246fac3774c05f23baefc
.exe windows:4 windows x86 arch:x86

fc4d53a837e9c08f02efba39b87cef55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal
CoTaskMemFree

kernel32

GlobalMemoryStatus
GetDiskFreeSpaceA
GetDriveTypeA
CloseHandle
CreateFileA
CreateFileMappingA
CreateToolhelp32Snapshot
ExitProcess
lstrlenW
lstrlenA
lstrcpynA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
_lwrite
FindClose
FindFirstFileA
FindNextFileA
GetComputerNameA
GetCurrentDirectoryA
_lread
_lopen
_lcreat
_lclose
WriteFile
WideCharToMultiByte
UnmapViewOfFile
Sleep
ReadFile
Process32Next
Process32First
OpenProcess
MultiByteToWideChar
MapViewOfFile
LocalFree
LocalAlloc
LoadLibraryA
GetFileSize
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
GetPrivateProfileSectionNamesA
GetPrivateProfileIntA
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetLastError
GetCurrentProcess

user32

ReleaseDC
GetDC
wsprintfA

oleaut32

SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayAccessData

advapi32

GetUserNameA
OpenProcessToken
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegCreateKeyA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges

shlwapi

StrCmpNA
StrRChrA
StrChrA
StrStrIA

wsock32

socket
send
recv
gethostname
connect
closesocket
WSAStartup

ws2_32

WSAIoctl

rasapi32

RasGetEntryDialParamsA
RasEnumEntriesA
RasGetEntryPropertiesA

gdi32

GetDeviceCaps

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc4d53a837e9c08f02efba39b87cef55

Headers

File Characteristics

Imports

ole32

kernel32

user32

oleaut32

advapi32

shlwapi

wsock32

ws2_32

rasapi32

gdi32

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 185KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 185KB