66034c00b688d228fb018a389268d497

Sharing

Copy URL Twitter E-mail

General

Target

66034c00b688d228fb018a389268d497
Size

92KB
MD5

66034c00b688d228fb018a389268d497
SHA1

8e944cc7a0848122c3df8a454c0f5b1f3eaf3180
SHA256

61d7d1cdabeaa7ab2bd48af064839f2e23e7610fc6ffc9df6606063b7fdde18e
SHA512

45b3285140b28fe284aac2db0c65f4783b7b590c6009aba760c5f5e3b301c0ac44bbf52fcddebf5aa26401f60cbb7b2b87266b02f1987c6d785c2002a2ac917b
SSDEEP

1536:w5gv7aJ6ZwgNQ9CPS/ITjXIHjFxXO/U5DwrgrO37HDqf4JX7gVzVmOXsNzs:WuVZw46CPtIHhxJ5WHqf6rgVzVmOk4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66034c00b688d228fb018a389268d497

Files

66034c00b688d228fb018a389268d497
.exe windows:4 windows x86 arch:x86

45565f7828dc6870d2a4e0071c39b069

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
CloseServiceHandle
CreateServiceA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
GetUserNameA
LookupPrivilegeValueA
OpenProcessToken
OpenSCManagerA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

kernel32

AddAtomA
CloseHandle
CopyFileA
CreateDirectoryA
CreateFileA
CreateMutexA
CreatePipe
CreateProcessA
CreateToolhelp32Snapshot
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToSystemTime
FindAtomA
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetAtomNameA
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThreadId
GetExitCodeProcess
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemDirectoryA
GetSystemInfo
GetTempPathA
GetTickCount
GetVersionExA
GlobalMemoryStatus
InitializeCriticalSection
IsBadReadPtr
LeaveCriticalSection
LoadLibraryA
MoveFileA
OpenProcess
PeekNamedPipe
Process32First
Process32Next
QueryPerformanceFrequency
ReadFile
ReleaseMutex
RemoveDirectoryA
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetFilePointer
SetUnhandledExceptionFilter
Sleep
TerminateProcess
WaitForSingleObject
WriteFile

msvcrt

_itoa
_stat
_strdup
_stricmp
__getmainargs
__p__environ
__p__fmode
__set_app_type
_beginthread
_cexit
_errno
_fileno
_iob
_onexit
_setmode
_vsnprintf
abort
atexit
atoi
clock
fclose
fflush
fgets
fopen
fprintf
fread
free
fwrite
malloc
memcpy
memset
printf
raise
rand
realloc
setvbuf
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strerror
strncat
strncmp
strncpy
strstr
time
toupper

shell32

ShellExecuteA

user32

DispatchMessageA
ExitWindowsEx
GetMessageA
PeekMessageA

version

GetFileVersionInfoA
VerQueryValueA

wininet

InternetCloseHandle
InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetReadFile

ws2_32

WSAGetLastError
WSASocketA
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
gethostname
getsockname
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
listen
ntohl
recv
select
send
sendto
setsockopt
shutdown
socket

Sections

PESHiELD
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PESHiELD
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PESHiELD
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PESHiELD
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PESHiELD
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ANAKIN2K
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

45565f7828dc6870d2a4e0071c39b069

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

shell32

user32

version

wininet

ws2_32

Sections

PESHiELD Size: 70KB - Virtual size: 72KB

PESHiELD Size: 6KB - Virtual size: 8KB

PESHiELD Size: - Virtual size: 1.0MB

PESHiELD Size: 5KB - Virtual size: 8KB

PESHiELD Size: 4KB - Virtual size: 8KB

ANAKIN2K Size: 5KB - Virtual size: 12KB

PESHiELD
Size: 70KB - Virtual size: 72KB

PESHiELD
Size: 6KB - Virtual size: 8KB

PESHiELD
Size: - Virtual size: 1.0MB

PESHiELD
Size: 5KB - Virtual size: 8KB

PESHiELD
Size: 4KB - Virtual size: 8KB

ANAKIN2K
Size: 5KB - Virtual size: 12KB