acc182e13317d5b48a2bef57a518176c

Sharing

Copy URL Twitter E-mail

General

Target

acc182e13317d5b48a2bef57a518176c
Size

192KB
MD5

acc182e13317d5b48a2bef57a518176c
SHA1

a52257d169c694d89c1b53095180f2afa93b57ac
SHA256

38879b6bdc989ae06a904c3bba21a120af9fee071e65300098c85b964e04e7cd
SHA512

af67494450b81f9c2e2d20d0bab2256e92b01fb02832ec55b2449938a0a9e2f343fb843fd05acab92c60b8abc4d3a915a8db5d8418c686b263a1dc629cad978d
SSDEEP

3072:v5cmBpYB+uVDruuGwNgLvoXP+Ejlo1f9E+gl+LS2wihbgu9EwZMVRpnzVrEFkE:qmaruuRafwS9ElidEuFZMRzx6kE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acc182e13317d5b48a2bef57a518176c

Files

acc182e13317d5b48a2bef57a518176c
.exe windows:4 windows x86 arch:x86

ee7a21a5b1659aae9747f3255ff34959

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegCreateKeyA

wsock32

inet_ntoa
gethostbyname
WSAGetLastError
WSAStartup
ioctlsocket
htonl
recvfrom
sendto
gethostname
WSACleanup
connect
htons
socket
bind
listen
accept
send
recv
closesocket

winmm

PlaySoundA
mciSendCommandA

kernel32

GetCPInfo
GetStringTypeA
MultiByteToWideChar
IsBadCodePtr
IsBadWritePtr
GetACP
GetStringTypeW
SetEndOfFile
CreateThread
TerminateThread
Sleep
FindClose
FindNextFileA
IsBadReadPtr
SetUnhandledExceptionFilter
GetOEMCP
CopyFileA
GetSystemDirectoryA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
TerminateProcess
GetPriorityClass
OpenProcess
CloseHandle
SetFileAttributesA
WriteFile
CreateFileA
VirtualAlloc
HeapReAlloc
LCMapStringA
LCMapStringW
SetEnvironmentVariableA
FlushFileBuffers
CompareStringA
CompareStringW
WaitForSingleObject
GetFileAttributesA
GetExitCodeProcess
DeleteFileA
CreateProcessA
GetWindowsDirectoryA
FindFirstFileA
SetStdHandle
GetSystemTimeAsFileTime
GetLocalTime
HeapAlloc
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
RtlUnwind
GetTimeZoneInformation
GetSystemTime
ReadFile
GetStartupInfoA
GetVersion
ExitProcess
GetLastError

user32

DefWindowProcA
PostQuitMessage
ReleaseDC
DispatchMessageA
TranslateMessage
GetMessageA
LoadBitmapA
MessageBoxA
ExitWindowsEx
UpdateWindow
ShowWindow
CreateWindowExA
GetSystemMetrics
RegisterClassA
LoadCursorA
LoadIconA
CharToOemA
GetDC

gdi32

SetTextColor
SetBkMode
DeleteDC
SelectObject
CreateCompatibleDC
BitBlt
DeleteObject
GetStockObject
GetDIBColorTable
CreateDIBSection
GetDeviceCaps
CreateDCA
CreateFontA
CreateBitmap

shell32

SHFileOperationA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee7a21a5b1659aae9747f3255ff34959

Headers

File Characteristics

Imports

advapi32

wsock32

winmm

kernel32

user32

gdi32

shell32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 70KB

.rsrc Size: 124KB - Virtual size: 120KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 70KB

.rsrc
Size: 124KB - Virtual size: 120KB