ac458cac2266210072069c8d0bec9ca5

General

Target

ac458cac2266210072069c8d0bec9ca5
Size

14KB
MD5

ac458cac2266210072069c8d0bec9ca5
SHA1

28ce2f0275bc53daae2a8fded91765a31e4c9409
SHA256

03e82ceeedf1482773f2ff816fdbc0a8673176f6bda80fbda003a8cb3b0f4f36
SHA512

798c80134c852b589e26045f9ff46b5173300dfffc16ed8f4d42c13e919c57c589456d1d46a98dc3829c87c420c69e3151ecbc6c323c1323c53fa8a8c7ab9822
SSDEEP

192:hO0cIrN3iWQS8LBt6k0y3FlmCBoqLRRselrHxz1ZPghiPebYkkc3l:hOFYBStl0wtFLRRjxgQeb+6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac458cac2266210072069c8d0bec9ca5

Files

ac458cac2266210072069c8d0bec9ca5
.exe windows:4 windows x86 arch:x86

2619c6036c146dc4ec0ed8684034ae9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GetCurrentProcess
lstrlenA
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
CreateRemoteThread
GetModuleHandleA
VirtualAllocEx
IsBadReadPtr
GetVersionExA
CreateThread
WriteFile
GetFileSize
OpenProcess
GetModuleFileNameA
CloseHandle
GetProcAddress
GetSystemDirectoryA
lstrcatA
CreateFileA
GetFileInformationByHandle
GetProcessHeap
HeapAlloc
ReadFile
HeapFree
WriteProcessMemory
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind

advapi32

SetSecurityInfo
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityInfo
GetUserNameA
SetEntriesInAclA

ws2_32

closesocket
connect
htons
inet_addr
socket
WSAStartup
accept
listen
bind
recv
select
__WSAFDIsSet
send
WSACleanup

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2619c6036c146dc4ec0ed8684034ae9f

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 8B

.rsrc Size: 512B - Virtual size: 176B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 8B

.rsrc
Size: 512B - Virtual size: 176B