9a8be7dced7db6bdadf71c679ebb6085

General

Target

9a8be7dced7db6bdadf71c679ebb6085
Size

15KB
MD5

9a8be7dced7db6bdadf71c679ebb6085
SHA1

7535f252f7c089d1d6f0683f00e64801e79a4552
SHA256

88f5a20dfe06daf902674823449918d1debd3c51e7d834cc55f5d48118abe407
SHA512

d3163d570db58b71b7a85862818da3c90a96a043def25c97d01e3c32816e6bc877f6b707a2e3cf4f141f6edef1c695dd8a1b87d14d2d480bebd34f9b8fd3dcc8
SSDEEP

384:fP6hFdXgqHYaW7vdX5UdNMLLD33iDWiMmQKuTKzp+I:fP6hFZdYj1LLb3iCiMsuTKP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a8be7dced7db6bdadf71c679ebb6085

Files

9a8be7dced7db6bdadf71c679ebb6085
.exe windows:1 windows x86 arch:x86

df1572cc0e4c8a5f1a4f0af0fab8308a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
getsockname
htons
inet_ntoa
listen
ntohs
recv
select
send
socket

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA

kernel32

ExitProcess
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetFileSize
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetProcAddress
GetStdHandle
GetSystemDirectoryA
GetTickCount
GetWindowsDirectoryA
CopyFileA
LoadLibraryA
CreateFileA
ReadFile
RtlUnwind
SetFilePointer
Sleep
WinExec
WriteConsoleA
lstrcpyA
CreateThread

user32

wsprintfA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

crtdll

__GetMainArgs
_stricmp
_strnicmp
tolower
atoi
exit
free
malloc
memcpy
memset
raise
rand
signal
sprintf
srand
strchr
strcmp
strcpy
strlen
strncpy
vsprintf

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 404B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

df1572cc0e4c8a5f1a4f0af0fab8308a

Headers

File Characteristics

Imports

wsock32

wininet

kernel32

user32

advapi32

crtdll

Sections

.text Size: 8KB - Virtual size: 8KB

.bss Size: - Virtual size: 404B

.data Size: 3KB - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.text
Size: 8KB - Virtual size: 8KB

.bss
Size: - Virtual size: 404B

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB