73c1e78b45eb8cf33656ec821cbbbb46

Sharing

Copy URL

Twitter E-mail

General

Target

73c1e78b45eb8cf33656ec821cbbbb46
Size

152KB
MD5

73c1e78b45eb8cf33656ec821cbbbb46
SHA1

6f23eb5b771db634b60291eceb0b01fbb30bb486
SHA256

ecb627c11b5802d7ad313d1bf5cb9e43fe5862587ffa7dbfdd2be2794fcbb0bf
SHA512

518dc8697a01aadda2cb21e17057e9e64c9f16f90e6f12a6fe9351daa356851dcdb2d3f57c52709c9cdb0b170077542e5b17da83beb3f1b3a1194a6ca508a5f6
SSDEEP

3072:auz9BxgAsVo6qvVju2PIPpW80Mej9JkV/:auJBxOVo6qtClPfZeJy/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73c1e78b45eb8cf33656ec821cbbbb46

Files

73c1e78b45eb8cf33656ec821cbbbb46
.exe windows:5 windows x86 arch:x86

560a0c217e61c592c96e90df4803d20e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
WSAStartup
inet_addr
htons
WSACleanup
recv
socket
closesocket
gethostbyname
send

kernel32

MulDiv
GlobalUnlock
RtlMoveMemory
GetProcAddress
GlobalFree
LockResource
ExitProcess
GetCommandLineW
CreateMutexW
lstrcmpA
lstrlenA
lstrcpynA
HeapAlloc
HeapFree
GetModuleHandleW
VirtualFree
GetProcessHeap
SizeofResource
WideCharToMultiByte
TerminateThread
Sleep
GetVersionExW
lstrcpynW
TerminateProcess
lstrcatA
lstrcmpW
lstrlenW
GetStartupInfoW
GetLastError
VirtualAlloc
GetLocalTime
Process32FirstW
Process32NextW
lstrcatW
CreateToolhelp32Snapshot
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
lstrcpyW
CreateThread
lstrcpyA
LoadLibraryW
GlobalAlloc
FreeResource
GlobalLock
LoadResource
FreeLibrary
FindResourceW
OpenProcess

user32

ReleaseCapture
MessageBoxW
SetWindowsHookExW
CreateWindowExW
FindWindowExW
CreateDialogParamW
SetMenu
ShowWindow
LoadStringW
GetCursorPos
SetWindowPos
GetSysColor
SendDlgItemMessageW
EndDialog
SetWindowLongW
GetDlgItem
EnableMenuItem
SetClassLongW
SystemParametersInfoW
GetWindowTextW
LoadMenuW
GetAsyncKeyState
GetWindowTextA
LoadIconW
RegisterClassExW
SetFocus
GetClientRect
FindWindowW
wsprintfA
IsWindowEnabled
LoadCursorW
AttachThreadInput
TrackMouseEvent
DialogBoxParamW
SetForegroundWindow
GetSubMenu
SetCapture
TrackPopupMenu
SendDlgItemMessageA
LockSetForegroundWindow
GetWindowRect
GetWindowTextLengthW
SetCursor
DestroyWindow
MapWindowPoints
UpdateWindow
EnableWindow
SetWindowTextW
DestroyIcon
CallWindowProcW
DefWindowProcW
GetDC
ReleaseDC
GetWindowThreadProcessId
SendMessageW

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
GetTextExtentPoint32W
SetTextColor
SelectObject
GetDeviceCaps
DeleteDC
GetStockObject
TextOutW
GetObjectW
CreateFontW
SetBkColor

advapi32

RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW
Shell_NotifyIconW

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

560a0c217e61c592c96e90df4803d20e

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 11KB

.tls Size: 6KB - Virtual size: 5KB

.rsrc Size: 125KB - Virtual size: 124KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 11KB

.tls
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 125KB - Virtual size: 124KB