972c4481b2236b1811af24628f7aae90

Sharing

Copy URL

Twitter E-mail

General

Target

972c4481b2236b1811af24628f7aae90
Size

102KB
MD5

972c4481b2236b1811af24628f7aae90
SHA1

b5ddec1a0a0cfe6b739f2848b5c95595b6b1c488
SHA256

715d8a8fc272516c97b981e02cfc09188408c089d22fe672c342a47fcadcd499
SHA512

75eb3ba4e6ed4914d1acc25ba77b4dff022d6d7c193bce9a9f5dc9cc7d4d5b3b3a30bb032de39ee5ad94ac491ecfb5e9429bc063a0ca989496f0f0f2a72851c5
SSDEEP

1536:NmrR9LTFRNnlhmTG3MAc43Rv8j0vM1aTa0rfOdtmztPEYvbVTmSNotrVOL:03vFRNHGRw3Ndydtmz9EWbBNotgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
972c4481b2236b1811af24628f7aae90

Files

972c4481b2236b1811af24628f7aae90
.exe windows:4 windows x86 arch:x86

c7d13cb8a13b104f98fa47dfd7e606a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
IsBadWritePtr
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
TlsAlloc
FatalAppExitA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetCurrentThread
TlsGetValue
SetLastError
GetModuleHandleA
GetCommandLineA
LocalAlloc
VirtualAlloc
GetLastError
TerminateProcess
SetConsoleMode
AllocConsole
HeapAlloc
GetModuleFileNameA
TlsFree
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStringTypeW
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetVersion
ExitProcess
GetCurrentProcess

user32

SetClipboardData
InsertMenuItemW
ClientToScreen
InflateRect
LoadImageA
DestroyWindow
OffsetRect
SendDlgItemMessageW
SetWindowsHookExW
ScreenToClient
RegisterClassExW
LoadCursorA
GetPropA
CreateMenu
PostQuitMessage
LoadImageW
DestroyIcon
LoadBitmapA
CloseClipboard
EndDialog
EmptyClipboard
OpenClipboard
CheckRadioButton
IntersectRect

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetServiceStatus
AdjustTokenPrivileges
LookupPrivilegeValueA
CloseServiceHandle
ControlService
RegCloseKey

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString
CoRegisterClassObject

ws2_32

WSACreateEvent
WSAConnect
WSACloseEvent
send
WSACleanup
socket
WSAStartup
WSAAddressToStringA

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 198KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c7d13cb8a13b104f98fa47dfd7e606a8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Sections

.text Size: 65KB - Virtual size: 64KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 53KB - Virtual size: 198KB

.text
Size: 65KB - Virtual size: 64KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 53KB - Virtual size: 198KB