Static task
static1
Behavioral task
behavioral1
Sample
97a860c202a8016e08818f3aa90525b8.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
97a860c202a8016e08818f3aa90525b8.exe
Resource
win10v2004-20231215-en
General
-
Target
97a860c202a8016e08818f3aa90525b8
-
Size
27KB
-
MD5
97a860c202a8016e08818f3aa90525b8
-
SHA1
cadf466abd29cd993dd81ec838282589d0077bac
-
SHA256
90981b27a98d8dc5c64d5fe5912c3ebf73436a866edd92908349312717e00a4d
-
SHA512
0dc764b372fa3a0c7b15d17474fa89f0550b6752eb6cc3e573597610829d3e10ec64dc4ae2a2449347f6cd64206dbc13b7831f69cc9cad40d11ba45f7fddca8e
-
SSDEEP
768:eVL7X3g4ryw0Qw5M94KTWZzzUy94zZSHfqYP2/lzCD+kMw8Ei0:eRvLVw5M9astS/VP2/NCD+kD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
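The analysis checks the file for an Authenticode signature and finds none; this is a finding about the file, not an action taken by the sample.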
resource 97a860c202a8016e08818f3aa90525b8
Files
-
97a860c202a8016e08818f3aa90525b8.exe windows:4 windows x86 arch:x86
570b763410d0ea0ba95358bf81ac556a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAStartup
socket
gethostbyname
htons
connect
shutdown
accept
listen
bind
gethostname
recv
send
closesocket
WSACleanup
psapi
GetModuleFileNameExA
EnumProcessModules
kernel32
FreeConsole
SetErrorMode
GetConsoleWindow
GetStartupInfoA
GetModuleHandleA
LocalFree
CreateMutexA
GetLastError
GetTickCount
lstrcmpA
lstrcpynA
GlobalAlloc
CreateThread
GetCurrentProcessId
ExitProcess
CreateToolhelp32Snapshot
Process32First
lstrlenA
lstrcpyA
lstrcatA
LoadLibraryA
GetProcAddress
SetConsoleTextAttribute
GetStdHandle
AllocConsole
GetVolumeInformationA
GetTempFileNameA
GetModuleFileNameA
GetTempPathA
CreateProcessA
Sleep
Process32Next
DeleteFileA
TerminateProcess
CloseHandle
OpenProcess
user32
ShowWindow
wsprintfA
IsCharAlphaNumericA
msvcrt
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
_strdup
_strcmpi
fseek
__getmainargs
_acmdln
exit
_XcptFilter
sprintf
fclose
ftell
_unlink
fopen
fread
calloc
_except_handler3
malloc
fwrite
fputs
setvbuf
_iob
_fdopen
_open_osfhandle
strlen
strcat
rand
strcpy
strstr
strrchr
strcmp
memset
strtok
fgets
printf
free
srand
__argv
__argc
_CxxThrowException
??3@YAXPAX@Z
_exit
oleaut32
GetErrorInfo
Sections
.bss Size: - Virtual size: 226KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE