7f02e83cdd921538445121b63319e77c

Sharing

Copy URL Twitter E-mail

General

Target

7f02e83cdd921538445121b63319e77c
Size

52KB
MD5

7f02e83cdd921538445121b63319e77c
SHA1

cd2aaeec0d2c09c4fa7323989ccae3f5e4fd000d
SHA256

1a0548c364d394661ff0f2624182a76540bb916d59ce144435c2c6c3a0a239cb
SHA512

b0e43ed4c4b19239652b2189903037cb19b293446adf51063b0c3532c793b0264ae1f3f2e64c881454850fb64b05a6d1535da5461e8445bc3396369f7aa184f0
SSDEEP

768:SFGLrJhyo9HQrjyOa4Qoj0iTnKuviD9oWgwKUcHTLk7LFuWAzEgsN:SFGLrJh/9YfFTcDrTfD7RuWLgs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f02e83cdd921538445121b63319e77c

Files

7f02e83cdd921538445121b63319e77c
.exe windows:4 windows x86 arch:x86

1f68ea4f86a71e8cbd6c4eafd5423800

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

urlmon

URLDownloadToCacheFileA

shlwapi

StrChrA
StrStrA

ws2_32

gethostname
accept
connect
WSAGetLastError
__WSAFDIsSet
WSAStartup
inet_addr
ioctlsocket
select
shutdown
htons
htonl
socket
setsockopt
bind
closesocket
listen
send
recv

kernel32

HeapFree
ExitProcess
FlushFileBuffers
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
lstrlenA
CloseHandle
ReadFile
GetFileSize
CreateFileA
Sleep
lstrcpyA
lstrcatA
lstrcpynA
TerminateProcess
OpenProcess
Process32Next
lstrcmpA
Process32First
CreateToolhelp32Snapshot
LeaveCriticalSection
EnterCriticalSection
CreateProcessA
CopyFileA
GetSystemDirectoryA
GetModuleFileNameA
InitializeCriticalSection
GetCPInfo
GetCurrentProcess
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
GetACP
HeapAlloc
DeleteCriticalSection
GetStdHandle
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
UnhandledExceptionFilter
RtlUnwind
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
WriteFile
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetFilePointer
InterlockedDecrement
InterlockedIncrement
MultiByteToWideChar

user32

wsprintfA

advapi32

RegOpenKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f68ea4f86a71e8cbd6c4eafd5423800

Headers

File Characteristics

Imports

iphlpapi

urlmon

shlwapi

ws2_32

kernel32

user32

advapi32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB