8968cc7b73ad144415c7925107bd5410

Sharing

Copy URL Twitter E-mail

General

Target

8968cc7b73ad144415c7925107bd5410
Size

201KB
MD5

8968cc7b73ad144415c7925107bd5410
SHA1

6d5510d5a5a8ed4e1c467bd58ff1b0894237a0e0
SHA256

942ec1ff8158d0bbfe356b0b445cebc2cc3cde559ed1a981f4d26c8749499b45
SHA512

34870f04c82fec31350124776d912f6982081e8736acb047538718324be04ad3476f490ccc44abcfbd1df4882d2d92ea50376e50f94bcf32a190b3258d503671
SSDEEP

6144:+MdlsRzxVC6EhhmafZ551IXfK/+cesLcX:+QmV86d6PH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8968cc7b73ad144415c7925107bd5410

Files

8968cc7b73ad144415c7925107bd5410
.exe windows:4 windows x86 arch:x86

73c19f94ef187315431cdd0d4c64add5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAEnumProtocolsW
sendto
WSAGetServiceClassNameByClassIdW
WSAAsyncGetServByPort
WSAEnumNameSpaceProvidersA
WSASendDisconnect
WSAEnumNetworkEvents
WSASocketW
WSARecvFrom

version

GetFileVersionInfoSizeA

oleaut32

SysAllocStringLen
QueryPathOfRegTypeLi
SafeArrayRedim
SetErrorInfo
LoadTypeLi

kernel32

QueryDosDeviceA
IsProcessorFeaturePresent
PeekNamedPipe
LocalAlloc
SetConsoleWindowInfo
GetDateFormatA
SetTimeZoneInformation
GetDiskFreeSpaceW
CreatePipe
LocalFileTimeToFileTime
FindFirstFileExW
LoadResource
lstrcatW
GetConsoleMode
SetFileTime
FileTimeToLocalFileTime
SetCommMask
GetLocaleInfoW
_hread
GetProcessHeap
ScrollConsoleScreenBufferA
GetFileAttributesA
EraseTape
VirtualQuery
PeekConsoleInputW
GlobalReAlloc
SizeofResource
OpenFile
GetDriveTypeA
OutputDebugStringA
VirtualUnlock
QueryDosDeviceW
CreateDirectoryW
SetConsoleMode
SetEvent
AllocConsole
SetEndOfFile
ExitProcess
GetModuleHandleA
CreateFileW
GetCompressedFileSizeW
GetTempFileNameA
GetBinaryTypeA
IsValidLocale
FreeResource
VirtualAllocEx
GetShortPathNameW
EnumSystemCodePagesW
VirtualAlloc
GetCommandLineA
lstrcmpiW
CreateEventA
SetConsoleOutputCP
GetComputerNameW
EnumDateFormatsW
GetSystemDirectoryW
GetEnvironmentStringsW
ClearCommBreak
TlsGetValue
GetNumberFormatW
GetProcessTimes
GetACP
WritePrivateProfileSectionW
GetCommConfig
CloseHandle
lstrcpyA
EnumCalendarInfoA
CreateWaitableTimerA

gdi32

CreateCompatibleDC
SetDIBitsToDevice
StrokeAndFillPath
SetWorldTransform
RemoveFontResourceA
ExtTextOutA
EnumObjects
GetTextExtentPointW
EnumMetaFile
SetViewportOrgEx
CreateBitmapIndirect
SetRectRgn
DPtoLP
GetTextFaceW
CreateMetaFileA
MoveToEx
EndDoc

user32

SwitchDesktop
OpenClipboard
wvsprintfW
CreateDialogIndirectParamW
GetScrollBarInfo
UpdateWindow
GetKeyboardLayoutNameW
CreateDesktopA
OemKeyScan
ArrangeIconicWindows
ChildWindowFromPoint
IsClipboardFormatAvailable
GetDlgItemInt
SystemParametersInfoA
GetDesktopWindow

ole32

WriteClassStg
CoFileTimeNow
GetRunningObjectTable

advapi32

RegUnLoadKeyW
LookupPrivilegeValueW
RegEnumKeyA
OpenProcessToken
BuildSecurityDescriptorW
CryptGetHashParam
SetSecurityDescriptorSacl
LookupAccountSidA
RegSetKeySecurity
AccessCheckAndAuditAlarmW
RegSetValueW
IsValidAcl
RegReplaceKeyW
DuplicateTokenEx
GetUserNameA
CryptImportKey
DeleteService
LookupAccountSidW
CryptExportKey
RegLoadKeyW
LogonUserW
OpenEventLogW
CryptCreateHash
CryptVerifySignatureW
RegQueryInfoKeyA
DeregisterEventSource
RevertToSelf
GetPrivateObjectSecurity
RegFlushKey
AccessCheckAndAuditAlarmA
QueryServiceConfigA
ObjectCloseAuditAlarmA
CryptSetHashParam
GetAclInformation
RegDeleteKeyW
DeleteAce
MapGenericMask

shell32

SHGetDesktopFolder
FindExecutableA
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHFileOperationW

msvcrt

strerror
_wgetcwd
_wtol
_strrev
_strnicmp
_ismbcspace
_wpopen
wcstol
atoi
_splitpath
vprintf
_errno
_locking
iswspace
strtok
rand
_mbsnicmp
_mbsupr
_ismbcdigit

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73c19f94ef187315431cdd0d4c64add5

Headers

File Characteristics

Imports

ws2_32

version

oleaut32

kernel32

gdi32

user32

ole32

advapi32

shell32

msvcrt

Sections

.text Size: 195KB - Virtual size: 195KB

.rdata Size: 5KB - Virtual size: 4KB

.text
Size: 195KB - Virtual size: 195KB

.rdata
Size: 5KB - Virtual size: 4KB