67f9b37094bc046cd281430645a5161f

General

Target

67f9b37094bc046cd281430645a5161f
Size

22KB
MD5

67f9b37094bc046cd281430645a5161f
SHA1

2d49f6277c75cac5ffae7a9515d08ec1799cb402
SHA256

a3681503824f294c0994250c54ec8283d18298332f4fe731d0d2b218a37d6a54
SHA512

8820793b7f2f18d0b9ac66e1b35215c44178e310e8ba3c6b8c14c190668bffc7913a3595590e55ebb9fae2b16cb4e3b27f61a380a2f4b681113ab6b36f2bce84
SSDEEP

192:dkAaBrdCyYCEgOIoMHFBkf07SAM6ta0ppieUs6okq:dtaBrdVYCEgF72p0p56

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67f9b37094bc046cd281430645a5161f

Files

67f9b37094bc046cd281430645a5161f
.exe windows:4 windows x86 arch:x86

30a69e520bd30184f01533e44ad8303f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
gethostbyname
getsockname
htons
WSAAsyncSelect
bind
setsockopt
listen
accept
closesocket
socket
connect
select
__WSAFDIsSet
recv
send
inet_addr

kernel32

FatalAppExitA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
Sleep
CreateThread
ExitThread
SetConsoleCtrlHandler
GetStdHandle
AllocConsole
FreeLibrary
GetProcAddress
LoadLibraryA

msvcr80d

_except_handler4_common
_decode_pointer
_onexit
setvbuf
__iob_func
_fdopen
_open_osfhandle
printf
memset
memcpy
strlen
sprintf
_stricmp
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_amsg_exit
__getmainargs
_exit
_XcptFilter
_cexit
exit
_ismbblead
_acmdln
_CrtSetCheckCount
_CrtDbgReportW
_initterm
_initterm_e
_crt_debugger_hook
_controlfp_s
_invoke_watson
_unlock
__dllonexit
_lock

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30a69e520bd30184f01533e44ad8303f

Headers

File Characteristics

Imports

ws2_32

kernel32

msvcr80d

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB