564fb51c90f91e749fc002446cfe8a09

General

Target

564fb51c90f91e749fc002446cfe8a09
Size

47KB
MD5

564fb51c90f91e749fc002446cfe8a09
SHA1

d1f3e3cc5341f713e8e7b7844de26472f6351e16
SHA256

95b259250391939a5b897ef485e1a4b8cef9380edb7481dd1c0e672c399f4699
SHA512

71e6d57b61443f8ba3d190e1c0e5b9daa1718484dd20ec067bdb07a2254d406feaf586467aa66e68bdb4c4dad76b8a04640ddad63b445295553954290591b175
SSDEEP

768:QHljxmpsoTm33yH1QD85MA3pQLQoLyGnkPtPGwZz+jrUnJtaiU/UDW:4ysoinyH1w8mAZ4nkPtPEUJIirDW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
564fb51c90f91e749fc002446cfe8a09

Files

564fb51c90f91e749fc002446cfe8a09
.dll windows:1 windows x86 arch:x86

48636926012137fdfcf5b39409d80785

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetCommandLineA
GetCurrentProcess
GetLastError
GetLocalTime
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStringTypeA
GetVersionExA
GlobalAlloc
GlobalFree
LoadLibraryA
MultiByteToWideChar
ReadFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile
DisableThreadLibraryCalls
FlushInstructionCache
VirtualAlloc
VirtualFree
VirtualProtect
RtlMoveMemory

ole32

CLSIDFromProgID
CoCreateInstance
CoInitialize
CoUninitialize
ProgIDFromCLSID

oleaut32

GetActiveObject
SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

user32

CharLowerBuffA
CharNextA
CharUpperBuffA
CreateDialogParamA
CreateWindowExA
DialogBoxParamA
GetParent

ws2_32

gethostbyname
gethostname
send
WSAGetLastError

Exports

Exports

axsvr

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48636926012137fdfcf5b39409d80785

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

user32

ws2_32

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 37KB

.data Size: 4KB - Virtual size: 201KB

.link Size: 2KB - Virtual size: 1KB

.rloc Size: 2KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 37KB

.data
Size: 4KB - Virtual size: 201KB

.link
Size: 2KB - Virtual size: 1KB

.rloc
Size: 2KB - Virtual size: 1KB