64857087923a91e70afcc5171c38f1bd

Sharing

Copy URL Twitter E-mail

General

Target

64857087923a91e70afcc5171c38f1bd
Size

144KB
MD5

64857087923a91e70afcc5171c38f1bd
SHA1

689023359b453e0004b9afb8e39aa66c2e20a1a1
SHA256

7c2ba9c2e79bb7b8e1c21801c6c6e843e7a47b97481c26a65da31e64180043ea
SHA512

52bbf58cf050642c58f0468c9aab1d37ab408e9ef84e2481f7ff5ba04b2c8679eba626dd3775820dfb25d993aba88312f2802452afd54ce7050a7dc9db400bef
SSDEEP

3072:coAtuxNeV8atxi4ImUi1Tk2BUcqDgwmCz9T8vD3TurV2:coAoeV8jw62BUWDlw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64857087923a91e70afcc5171c38f1bd

Files

64857087923a91e70afcc5171c38f1bd
.exe windows:4 windows x86 arch:x86

cdb48d583892604d0aa3d4e8b8268d5b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
LoadIconA
DefWindowProcA
PostQuitMessage
DestroyMenu
PostMessageA
TrackPopupMenu
SetForegroundWindow
GetCursorPos
CreatePopupMenu
MessageBoxA
DialogBoxIndirectParamA
CreateWindowExA
SetDlgItemTextA
SetFocus
SendMessageA
EnableWindow
SetWindowTextA
GetDlgItem
CheckDlgButton
GetDlgItemTextA
IsDlgButtonChecked
SetMenuItemInfoA
AppendMenuW
ShowWindow
LoadImageA
GetMessageA
DispatchMessageA
TranslateMessage
DestroyWindow

shell32

SHGetPathFromIDListA
CommandLineToArgvW
SHBrowseForFolderA
ShellExecuteA
Shell_NotifyIconA

comdlg32

GetOpenFileNameA

ws2_32

setsockopt
gethostname
ntohl
htonl
WSAGetLastError
send
recv
htons
ntohs
WSAStartup
closesocket
inet_ntoa
ioctlsocket
connect
socket
getsockname
listen
bind
getsockopt
accept
sendto
recvfrom
getpeername
__WSAFDIsSet
select
shutdown
gethostbyname

advapi32

CreateServiceW
ChangeServiceConfig2A
OpenServiceW
DeleteService
CloseServiceHandle
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
OpenSCManagerA

msvcrt

_acmdln
_XcptFilter
__getmainargs
__p___argv
__p___argc
wcsncat
strncat
_fullpath
strcpy
signal
freopen
printf
exit
remove
rename
_rmdir
wcschr
fputs
_beginthread
fwrite
fread
_wfopen
_initterm
__setusermatherr
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_strdup
_adjust_fdiv
memmove
calloc
free
memcmp
memcpy
fclose
_pctype
_isctype
__mb_cur_max
strchr
fgets
fopen
strstr
strncmp
realloc
srand
rand
abort
memset
malloc
_chdir
time
fprintf
_iob
strlen
tolower
strncpy
fflush
fputc
vfprintf
wcscat
_ftol
strcmp
_vsnprintf
memchr
sscanf
strerror
_errno
atoi
_atoi64
fseek
_snprintf
strftime
gmtime
strtoul
strrchr
localtime
wcslen
toupper
getenv
fgetc
_wstati64

kernel32

ReadFile
GetLastError
WriteFile
GetCurrentProcess
GetStdHandle
CreatePipe
DuplicateHandle
CreateProcessW
CloseHandle
MultiByteToWideChar
GetLocalTime
SystemTimeToFileTime
WideCharToMultiByte
FindNextFileW
FindClose
SetLastError
GetFileAttributesW
FindFirstFileW
GetStartupInfoA
FormatMessageA
GetModuleFileNameW
GetCurrentDirectoryW
TerminateThread
GetCommandLineW
LocalFree
GetModuleHandleA
GetFullPathNameW
Sleep
SetHandleInformation

Exports

Exports

rmdir

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdb48d583892604d0aa3d4e8b8268d5b

Headers

File Characteristics

Imports

user32

shell32

comdlg32

ws2_32

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 90KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 17KB

.rsrc Size: 20KB - Virtual size: 19KB

.text
Size: 92KB - Virtual size: 90KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 17KB

.rsrc
Size: 20KB - Virtual size: 19KB