7546fbe002f1a6259d488add8b28dd5f

Sharing

Copy URL Twitter E-mail

General

Target

7546fbe002f1a6259d488add8b28dd5f
Size

46KB
MD5

7546fbe002f1a6259d488add8b28dd5f
SHA1

029a8190c69823d19abb1d0269990c7b3cc3bf3f
SHA256

a899c2a5f3b64f731605f9426f34bb13652cfb2bfc05444658e9a604e8cf06e8
SHA512

4e4f72531d42ac93490fe26781f0c93a7be2dfc090de3ed6bf6ebdcb3a3b74ff5f9eafa7fdeef2635fb93ecb0e6f171e7b73a17021f6299cdacc1c1073a7f7da
SSDEEP

768:nh/jfW4BvrUiPdzCXHEHPrEkCrxSYYSSNCGwqBNPlgNUyAHJyyifL0:VlvY4eHEvrEkCrFYSSUGwKNPGNUVwX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7546fbe002f1a6259d488add8b28dd5f

Files

7546fbe002f1a6259d488add8b28dd5f
.exe windows:4 windows x86 arch:x86

985ff404ceb084555bc35b4887085d76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
socket
htons
inet_addr
sendto
closesocket

shlwapi

SHDeleteKeyA

kernel32

VirtualQuery
GetSystemInfo
VirtualProtect
GetVersionExA
GetVolumeInformationA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
CreateMutexA
FlushFileBuffers
HeapSize
LCMapStringW
CloseHandle
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
SetStdHandle
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
LCMapStringA
TlsAlloc
ExitProcess
GetSystemTimeAsFileTime
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameA
TlsFree
SetLastError
TlsSetValue
TlsGetValue
HeapFree
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetACP
GetOEMCP
GetCPInfo

user32

LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterClassExA
DefWindowProcA
LoadStringA
GetClassNameA
GetWindowTextA
GetWindow
PostQuitMessage
SetTimer
CreateWindowExA
ShowWindow
UpdateWindow
GetTopWindow

advapi32

RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegOpenKeyA

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

985ff404ceb084555bc35b4887085d76

Headers

File Characteristics

Imports

ws2_32

shlwapi

kernel32

user32

advapi32

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 3KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 152B

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 3KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 152B