5984ad3c2fb316fed61137ca19344c4e

Sharing

Copy URL Twitter E-mail

General

Target

5984ad3c2fb316fed61137ca19344c4e
Size

48KB
MD5

5984ad3c2fb316fed61137ca19344c4e
SHA1

48164f7a8235f1d8b40d01263edbd745b365ce2c
SHA256

73fb250ef2b1b2ee624bd109550a183e12a0b3ad36cc4e867435a4cc8bdfcf65
SHA512

da46eebd8369c6d162b1b724974bc5b5051bc062b366b24704c5323a004b3286580e2b6147659c1bb1e94058b2e8f21df28c413579aefbf4ba47890a319d7453
SSDEEP

768:6lvEXL7hg4VI+0VIirQfUxwR18zo/AmCi9wthSL1FGvuTQx4gdsy2Xtno2I:6ClfEwJrCUISL1FGvsQx462xoX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5984ad3c2fb316fed61137ca19344c4e

Files

5984ad3c2fb316fed61137ca19344c4e
.exe windows:4 windows x86 arch:x86

611c04bd28ab0d2065005920ed61f146

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
GetTempPathA
Sleep
CreateDirectoryA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FindFirstFileA
GetFileTime
CreateFileA
GetLastError
GetSystemDirectoryA
FreeLibrary
GetCurrentProcessId
GetProcAddress
LoadLibraryA
FindNextFileA
DeleteFileA
FindClose
GetModuleFileNameA
FileTimeToLocalFileTime
SetFileAttributesA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
WriteFile
ReadFile
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetEnvironmentVariableA

advapi32

RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA

shell32

ShellExecuteA

ws2_32

connect
inet_addr
closesocket
WSAStartup
WSACleanup
recv
htons
socket
send

rasapi32

RasEnumConnectionsA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

611c04bd28ab0d2065005920ed61f146

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

rasapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 20KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 20KB