726d0a731c56e4645c8488354796eb9cbb78b81ab33e5d1d4812ca47afed2785

General

Target

726d0a731c56e4645c8488354796eb9cbb78b81ab33e5d1d4812ca47afed2785
Size

38KB
MD5

84c3137aadf00824dd326cff14702c5a
SHA1

7cea55cddf7f929dc4b85f709683a2261d6ca6f4
SHA256

726d0a731c56e4645c8488354796eb9cbb78b81ab33e5d1d4812ca47afed2785
SHA512

4fb344de3f22c15b70c0ea8470eab39c61e853bc76572df3c50f2ab91ff1dfe55be78b7537f7cd2698c4e4d83eeca58eca4ead59b61edaa2b099b68e62a0c619
SSDEEP

768:Snq9UrrEtU2pxan5PTVqWSJfMDPL0HRbuRcwfSUkmuGSunVAind6h:B9mHb9L0HFuNEGSyAi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
726d0a731c56e4645c8488354796eb9cbb78b81ab33e5d1d4812ca47afed2785

Files

726d0a731c56e4645c8488354796eb9cbb78b81ab33e5d1d4812ca47afed2785
.dll windows:5 windows x86 arch:x86

5715c1cf6eaabdf8219f6a2bfceb13e9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\ssProject_PC\WTLogin\project\Win32\Release\WTLogin.pdb

Imports

ws2_32

connect
WSAStartup
inet_addr
select
WSACleanup
recv
socket
__WSAFDIsSet
closesocket
send
ntohl
htonl
htons
ntohs

msvcr100

strftime
_localtime64
_time64
rand
free
malloc
printf
perror
_errno
fopen
sprintf
memset
fwrite
fclose
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
clock
memcpy
srand

kernel32

Sleep
DecodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
EncodePointer
InterlockedExchange

Exports

Exports

login_with_password

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5715c1cf6eaabdf8219f6a2bfceb13e9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 2KB - Virtual size: 1KB