7041c7a65df4f604040c9852b7c10994

General

Target

7041c7a65df4f604040c9852b7c10994
Size

32KB
MD5

7041c7a65df4f604040c9852b7c10994
SHA1

376154f1f08575c9f2a817c99df84202b2713742
SHA256

f01bcc8f4bcaefa86c9b8a210bf9bb7cbff5a9f41af05fc6509ecdb84eb1e1e1
SHA512

1114a3d5875d486bb184b75a99e9c031379e8322b558340a55ac606a08cd8cc21d6619b2f976a76c1ca830c087336f7b273a745f0226c3a2dea8ee77c8c1f6ed
SSDEEP

768:H4TeX5py2/MlJ/IwhYaSZcBdeimhxqWTnvR33tWvUP/M5GQBJe:H4TezUwozSa/SlavUPUgiE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7041c7a65df4f604040c9852b7c10994

Files

7041c7a65df4f604040c9852b7c10994
.exe windows:1 windows x86 arch:x86

860701bd80ac40babc72e489192171e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LocalAlloc
GetCurrentProcess
ExitThread
SetFilePointer
ResetEvent
ReadFile
CreateMutexA
LocalFree
GetModuleFileNameA
SetPriorityClass
SetEndOfFile
GetModuleHandleA
RegisterServiceProcess
GetPrivateProfileStringA
GetProcAddress
ExitProcess
CopyFileA
LocalReAlloc
CreateProcessA
CloseHandle
WaitForSingleObject
Sleep
CreateThread
CreateFileA
GetLastError
SetCurrentDirectoryA
DeleteFileA
GetFileSize
WriteFile
WritePrivateProfileStringA
lstrcat
lstrcmpi
lstrlen
GetWindowsDirectoryA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

user32

PeekMessageA
DispatchMessageA
TranslateMessage

ws2_32

socket
send
recvfrom
recv
inet_addr
gethostname
gethostbyname
connect
closesocket
bind
WSAStartup
sendto
WSAGetLastError
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent

Sections

CODE
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

860701bd80ac40babc72e489192171e0

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ws2_32

Sections

CODE Size: 16KB - Virtual size: 16KB

DATA Size: 4KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 4KB

.reloc Size: 8KB - Virtual size: 20KB

CODE
Size: 16KB - Virtual size: 16KB

DATA
Size: 4KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 20KB