Static task: static1
Behavioral task: behavioral1
Sample: a46ff7777a9147746dc5a603bcd43861.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a46ff7777a9147746dc5a603bcd43861.exe
Resource: win10v2004-20240221-en
General
Target: a46ff7777a9147746dc5a603bcd43861
Size: 14KB
MD5: a46ff7777a9147746dc5a603bcd43861
SHA1: 94bde378e0d762ea8e7777379f9152272297dff9
SHA256: ee21ce2bbb20e1e1bfc6da4afa3bf90d6d55a2b633d64ec320e636e48ce6c933
SHA512: d535064c4568ef6a28cb7d7072c9332589a5b97a69c5a073390bf418b04856c005026c3f2556b3159d76856a3838290ca071e4157d6c22b10b3984c11e84167e
SSDEEP: 192:3qWsY/sJMosmCothEwYjzfLohdFABHaSbYDYokwlWZnBWxcLWNUoy2UDT+sN:6a26jzs2HsN7lMnBMcKaoUDTNN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a46ff7777a9147746dc5a603bcd43861
Files
a46ff7777a9147746dc5a603bcd43861.exe windows:4 windows x86 arch:x86
9e1fb95f7b720b7f69c0e0dbe451bd03
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord860
ord690
ord537
ord2846
ord2764
ord389
ord5207
ord540
ord2915
ord1988
ord800
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
printf
rand
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
exit
_except_handler3
strncmp
__CxxFrameHandler
atoi
time
srand
kernel32
GetModuleHandleA
CreateProcessA
ResumeThread
SetThreadPriority
GetStartupInfoA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentProcessId
ExitThread
GetTickCount
HeapAlloc
GetProcessHeap
Sleep
CreateThread
lstrlenA
GetLastError
CopyFileA
GetSystemDirectoryA
GetModuleFileNameA
GetVersionExA
GetCurrentThread
user32
wsprintfA
advapi32
StartServiceCtrlDispatcherA
CloseServiceHandle
RegSetValueExA
RegOpenKeyA
StartServiceA
OpenServiceA
CreateServiceA
OpenSCManagerA
DeleteService
RegOpenKeyExA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegCloseKey
ws2_32
inet_addr
setsockopt
WSASocketA
WSAStartup
htons
gethostbyname
sendto
htonl
socket
connect
closesocket
send
inet_ntoa
gethostname
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 242KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE