76527550c03cae2c44e4ff3623825ca6

Sharing

Copy URL Twitter E-mail

General

Target

76527550c03cae2c44e4ff3623825ca6
Size

160KB
MD5

76527550c03cae2c44e4ff3623825ca6
SHA1

ebd0d9373c5e85a1181f85fce326454eb2ec34f9
SHA256

479476990132aa310cad56283bad8adf74da55d4389c5c910f8b8b89cd7c2914
SHA512

57763bde14005f4e789d63f746b6184cecd6ff6d5e33294357d23511cc8ee191419bcd63532a7f33d4ee43bdaca15e982d81267854e3431d6c6df82de11f5d56
SSDEEP

3072:dOq9DT/vSljy/LrA3tAY6oocD6FJ2saA1p4uPkrYYZTOH30:dH9DT/vTA3txVD1BQFkfZY0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76527550c03cae2c44e4ff3623825ca6

Files

76527550c03cae2c44e4ff3623825ca6
.exe windows:4 windows x86 arch:x86

848f4b1052399d4e31a09d9244abd786

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
SizeofResource
FindResourceA
GetProcAddress
LoadLibraryA
Sleep
GetLastError
CreateFileA
CompareStringA
SetEndOfFile
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
IsBadCodePtr
LockResource
WriteFile
CloseHandle
GetSystemDirectoryA
GetModuleFileNameA
CopyFileA
CompareStringW
DeleteFileA
IsBadReadPtr
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
WideCharToMultiByte
SetUnhandledExceptionFilter
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEnvironmentVariableA

user32

DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
SetTimer

advapi32

CreateServiceA
CloseServiceHandle
StartServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
OpenSCManagerA

ws2_32

connect
htons
socket
gethostbyname
gethostname
closesocket
recv
send
WSACleanup
WSAStartup

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

848f4b1052399d4e31a09d9244abd786

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 76KB - Virtual size: 72KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 52KB - Virtual size: 51KB

.text
Size: 76KB - Virtual size: 72KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 52KB - Virtual size: 51KB