964e87020f5825b8ecdc59bad0ef5da2

General

Target

964e87020f5825b8ecdc59bad0ef5da2
Size

8KB
MD5

964e87020f5825b8ecdc59bad0ef5da2
SHA1

671cdb12e7746e50587d5b0731e87d7ce5b44e75
SHA256

779171037f62420a369f5eaee6d99f68c55fac769668521cb979967e00cbd719
SHA512

14da35207871a6f00ba3cdfa7b46e13d8a760fd1ccfb5455fa6fb4ece9cfce2af454a185e95a0cc232eebfdae34acd1c7c3b1a9c7a7105219b13e2825f188c0c
SSDEEP

192:vUhU/xq0dDzUeD55qeqdbYbzoGBc132ySGVYpPVzpUPwhvHbHNwIrSv:vsU/7RQeDqA7By3e95VzpUg54

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
964e87020f5825b8ecdc59bad0ef5da2

Files

964e87020f5825b8ecdc59bad0ef5da2
.exe windows:1 windows x86 arch:x86

bca855c84fdaa922e9bff1571fb286ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateMutexA
CreatePipe
CreateProcessA
CreateThread
CreateToolhelp32Snapshot
ExitProcess
ExitThread
GetCurrentProcess
GetCurrentProcessId
GetDriveTypeA
GetLogicalDriveStringsA
GetStartupInfoA
GetSystemDirectoryA
GetTempPathA
GetTickCount
GlobalAlloc
GlobalFree
LocalAlloc
LocalFree
OpenProcess
PeekNamedPipe
Process32First
Process32Next
ReadFile
SetFileAttributesA
Sleep
SleepEx
TerminateProcess
WaitForSingleObject
WriteFile
lstrcatA
lstrlenA

user32

MessageBoxA
wsprintfA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

wsock32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
inet_addr
recv
send
socket

shlwapi

PathFileExistsA

winmm

timeSetEvent

psapi

GetModuleFileNameExA

ntdll

RtlSetProcessIsCritical
strcat
strcmp
strlen

Sections

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bca855c84fdaa922e9bff1571fb286ed

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wsock32

shlwapi

winmm

psapi

ntdll

Sections

.rsrc Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 469B

.text Size: 3KB - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 22KB

.rsrc
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 469B

.text
Size: 3KB - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 22KB