Static task
static1
Behavioral task
behavioral1
Sample
89fdd199894ce6ffeb2e20d473cbb889.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
89fdd199894ce6ffeb2e20d473cbb889.exe
Resource
win10v2004-20231215-en
General
-
Target
89fdd199894ce6ffeb2e20d473cbb889
-
Size
33KB
-
MD5
89fdd199894ce6ffeb2e20d473cbb889
-
SHA1
8fbbbbb930cb1e7044025e348338ed5d8dca1261
-
SHA256
cac80c0185e14159700717beb6f6177fb30d2ed648db62cbfa59371dc696d8fc
-
SHA512
c565b6398f090a7bb237a39f21bc1c22186ac0e2c4edf2d3f929bda0f101a73dcb0ba571b1d46e491c134ae0dd5156dd29a79fa123c02323fe084c62e6f5db13
-
SSDEEP
768:eSHHAQOiNOUcm65F08VPawz1curPU1KYAVRDg:xHAQOiNOUcQ8VPLqu7U1H
Malware Config
Signatures
-
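Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the resource below matched, meaning the file is unsigned. On its own this is a weak indicator, since many legitimate binaries are also unsigned.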
resource 89fdd199894ce6ffeb2e20d473cbb889
Files
-
89fdd199894ce6ffeb2e20d473cbb889.exe windows:4 windows x86 arch:x86
925f5f0768e221a05d941799b9515c66
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetThreadPriority
GetProcAddress
LoadLibraryA
Sleep
HeapAlloc
GetProcessHeap
HeapFree
GetLastError
GetLocalTime
lstrcpyA
LocalFree
lstrcatA
LocalAlloc
IsBadWritePtr
lstrlenA
GetCurrentThread
FreeLibrary
CopyFileA
DeleteFileA
ExitProcess
WinExec
GetCurrentDirectoryA
GetModuleFileNameA
GetPrivateProfileStringA
GetACP
GetDiskFreeSpaceA
GetVersionExA
GlobalMemoryStatus
GetWindowsDirectoryA
GetSystemDirectoryA
GetStartupInfoA
GetModuleHandleA
user32
DefWindowProcA
PostQuitMessage
KillTimer
GetDesktopWindow
EnumChildWindows
GetParent
GetClassNameA
GetWindowLongA
FindWindowA
GetMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
RegisterClassA
SendMessageA
SetTimer
wsprintfA
shell32
ShellExecuteA
msvcrt
malloc
_findfirst
sprintf
toupper
strncmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
strcat
strlen
fwrite
fopen
free
strrchr
strncpy
strchr
strcpy
memset
exit
_itoa
memcpy
calloc
memcmp
isdigit
abs
__p__acmdln
atoi
tan
cos
sin
sqrt
_ftol
strcmp
fread
_XcptFilter
_exit
fclose
fseek
_mkdir
_findnext
wsock32
closesocket
recv
WSAGetLastError
select
ioctlsocket
send
connect
gethostbyname
inet_addr
htons
getservbyname
WSACleanup
WSACancelBlockingCall
WSAIsBlocking
WSAStartup
gethostname
inet_ntoa
socket
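Sections
Note: as listed, all five sections, including .text, have the same characteristics (initialized data, read, write), and none is marked as code or executable. That is unusual for a .text section and worth confirming against the raw section headers.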
.text Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 5KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE