9c12cb0de16c531714887bb7d8c6c83c

Sharing

Copy URL Twitter E-mail

General

Target

9c12cb0de16c531714887bb7d8c6c83c
Size

37KB
MD5

9c12cb0de16c531714887bb7d8c6c83c
SHA1

aed2ae1625b0b69dd72568a8fadb5342fc6acc1b
SHA256

e552005bdbca5b51a665ed7f20eb3cacdd0ccbcc860ea6cbc88f90881f04027f
SHA512

6f9b0fe3d9d7df2ba6e2662efae20c3da181ac5cc549acae33a6844f75192e08b47fa00c8ee75d7ccf776ec3b38b8d17ba94a1ba5597f8b3b3dcfef19de189ed
SSDEEP

768:pliUc37zCbYdEidg2zVjjFJ1wUXwgbSuh0W4n7SHhOj5l4udBQsT87FTC:TiUc37zCbYtT1WFuh0p2BOjf4tK8k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9c12cb0de16c531714887bb7d8c6c83c

Files

9c12cb0de16c531714887bb7d8c6c83c
.exe windows:1 windows x86 arch:x86

22e1d161c0dd90a4426105fe8936465b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

wininet

InternetGetConnectedState
InternetOpenA
InternetOpenUrlA
InternetReadFile

wsock32

WSAAsyncSelect
WSAGetLastError
WSAStartup
accept
bind
closesocket
connect
gethostbyname
getpeername
getsockname
htonl
htons
inet_addr
inet_ntoa
listen
recv
send
sendto
shutdown
socket

kernel32

FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetComputerNameA
GetCurrentDirectoryA
GetFileSize
GetModuleHandleA
CloseHandle
GetProcAddress
GetTickCount
GetVersionExA
GetWindowsDirectoryA
CopyFileA
LoadLibraryA
CreateDirectoryA
CreateFileA
ReadFile
RtlUnwind
RtlZeroMemory
SetCurrentDirectoryA
Sleep
WriteFile
lstrcatA
lstrlenA
DeleteFileA

user32

UpdateWindow
LoadCursorA
LoadIconA
SetTimer
KillTimer
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
SendMessageA
RegisterClassExA
PostQuitMessage
ShowWindow
CreateWindowExA
DestroyWindow
DefWindowProcA

advapi32

GetUserNameA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA

crtdll

_iob
_itoa
__GetMainArgs
asctime
atoi
atol
exit
fclose
fflush
fopen
fprintf
_beginthread
free
fwrite
localtime
malloc
memcmp
memcpy
memset
raise
rand
signal
sprintf
srand
strcat
strchr
strcmp
strrchr
strstr
strtok
time

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

AZPR0001
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22e1d161c0dd90a4426105fe8936465b

Headers

File Characteristics

Imports

shell32

wininet

wsock32

kernel32

user32

advapi32

crtdll

Sections

.text Size: 20KB - Virtual size: 20KB

.bss Size: - Virtual size: 7KB

.data Size: 7KB - Virtual size: 7KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

AZPR0001 Size: 2KB - Virtual size: 2KB

.text
Size: 20KB - Virtual size: 20KB

.bss
Size: - Virtual size: 7KB

.data
Size: 7KB - Virtual size: 7KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

AZPR0001
Size: 2KB - Virtual size: 2KB