9adad3519429d9fdd9c6ce5641d13f44

Sharing

Copy URL

Twitter E-mail

General

Target

9adad3519429d9fdd9c6ce5641d13f44
Size

173KB
MD5

9adad3519429d9fdd9c6ce5641d13f44
SHA1

393e65a5fbb1175d3f1443c298294e921375a98d
SHA256

e24d7e68488d6417c6a6e43f45b81461bd6d9b80b54e9d36f08bdf7bff6a6899
SHA512

f8eb0c0d5fa98c61dcfaebe5b2c7ff8eeb80f1dd8f6e78fab443d456b8d0eff995b90c171bad64c2c240f306b9a41e2fc954f819afd490970cc4497ed3440959
SSDEEP

3072:i3eyS2DcfOUdHDqJN492TLZT+KwVevowwesFj0ztxoUy78XhimiLgKEeB64BWioH:aS2DcGUo/U2TLZdwcG505eUy6rKEeBlQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9adad3519429d9fdd9c6ce5641d13f44

Files

9adad3519429d9fdd9c6ce5641d13f44
.exe windows:4 windows x86 arch:x86

399300018dff6af6a539326d9a6fed19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
SetConsoleCtrlHandler
SearchPathA
SetConsoleTitleA
GetVersionExA
HeapDestroy
LeaveCriticalSection
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetLocaleInfoW
GetLocaleInfoA
SetEndOfFile
CompareStringW
CompareStringA
SetEnvironmentVariableA
SetFilePointer
CreateFileA
RtlUnwind
GetACP
GetCPInfo
GetOEMCP
GetEnvironmentStrings
FreeEnvironmentStringsW
HeapFree
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
MoveFileA
HeapReAlloc
CreateDirectoryA
GetCommandLineA
GetVersion
WriteFile
GetStdHandle
Sleep
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetProcAddress
GetEnvironmentStringsW
VirtualAlloc
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetFileType
LoadLibraryA
GetFullPathNameA
GetCurrentDirectoryA
FlushFileBuffers
CloseHandle
SetHandleCount
GetStartupInfoA
GetModuleHandleA
ReadFile
SetStdHandle
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA

advapi32

RegOpenKeyExA
RegCloseKey
GetUserNameA
RegQueryValueExA

wsock32

WSACleanup
gethostname
WSAStartup
WSAGetLastError
gethostbyaddr
inet_addr
ioctlsocket
recv
gethostbyname
send
setsockopt
select
accept
closesocket
htonl
bind
listen
getsockname
ntohs
connect
htons
socket

user32

WinHelpA

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

399300018dff6af6a539326d9a6fed19

Headers

File Characteristics

Imports

kernel32

advapi32

wsock32

user32

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 40KB - Virtual size: 54KB

.idata Size: 3KB - Virtual size: 2KB

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 40KB - Virtual size: 54KB

.idata
Size: 3KB - Virtual size: 2KB