b06cd0811ed5096cbe1d230c608b7e1393bc6d2f319fdb1f1e7fe5fa0ab90d4c

Sharing

Copy URL Twitter E-mail

General

Target

b06cd0811ed5096cbe1d230c608b7e1393bc6d2f319fdb1f1e7fe5fa0ab90d4c
Size

88KB
MD5

8445773fdf02787108bbd8cbd1ebaadc
SHA1

a100f211b7161ba934b4ca9880fab025a8f1022f
SHA256

b06cd0811ed5096cbe1d230c608b7e1393bc6d2f319fdb1f1e7fe5fa0ab90d4c
SHA512

da6306dbc53e0426652b3987f3cf80d3e04bb9e5eeea9d54629c084c43a9332e1591c0f514cfcb3cd10f9774984d094c4b33a575ffd75f970d4d1a247554dfe6
SSDEEP

1536:N8EYQuMBnRZPNWgcWsiTNksBhd52Czl7cZt:xpuM1PNWxjsTrzl7cZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b06cd0811ed5096cbe1d230c608b7e1393bc6d2f319fdb1f1e7fe5fa0ab90d4c

Files

b06cd0811ed5096cbe1d230c608b7e1393bc6d2f319fdb1f1e7fe5fa0ab90d4c
.dll windows:4 windows x86 arch:x86

8b5cfe02791ea0a41abd930ba4375ed6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
CloseHandle
CreateProcessA
ReadFile
CreatePipe
GetCommandLineA
GetModuleFileNameA
GetPrivateProfileIntA
GetPrivateProfileStringA
InterlockedDecrement
GetStartupInfoA
InterlockedIncrement
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
GetStringTypeW
GetLastError
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
LocalFree
RtlUnwind
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
CreateThread
GetCurrentThreadId
TlsSetValue
ExitThread
GetVersion
RaiseException
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapSize
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleA
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
GetStringTypeA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

oleaut32

SysFreeString
SysStringLen
SysAllocString
VariantClear

log

ord1

wsock32

ntohs
inet_addr
getsockname
WSACleanup
WSAStartup
setsockopt
connect
htons
ioctlsocket
WSAGetLastError
socket
send
recv
closesocket

Exports

Exports

SendAndRecvCON
SendAndRecvMessages
SendMessages

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b5cfe02791ea0a41abd930ba4375ed6

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

log

wsock32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 5KB