b5e1ef3ae079afc60eb024f707ce7a6a

General

Target

b5e1ef3ae079afc60eb024f707ce7a6a
Size

40KB
MD5

b5e1ef3ae079afc60eb024f707ce7a6a
SHA1

97eff57b7ef296e78cb947e59c32d785525b6c81
SHA256

e21aad7cb0fbb77dada4aa1871cb26b6fa5b75529d1836cff721bb8e6e0a682c
SHA512

4e3b02037f30bcc3369475732a498d8fc29696fb8f53a66a41d60a664a86afc89ae7c5b7258ab5fa0b65f1ef0d5a21e9fbeacc8fa35c3f0e5893462f74d66ca9
SSDEEP

768:5xyenjqPnoLBtpA+Z4hcdIaLJTblfKOQuVXS/:5xtGPoLrgcvLpblfQ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5e1ef3ae079afc60eb024f707ce7a6a

Files

b5e1ef3ae079afc60eb024f707ce7a6a
.dll windows:4 windows x86 arch:x86

a8c2c6cf03670ccb076470d52f810718

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ord401
ord935
ord924
ord921
ord920
ord593
ord79
ord341
ord759
ord768
ord78
ord919
ord48
ord852
ord697
ord807
ord106
ord926
ord581
ord833
ord824
ord577
ord125
ord923
ord922
ord202
ord906
ord397
ord309
ord840
ord795
ord224
ord520
ord518
ord571
ord539
ord545
ord542
ord812
ord868
ord570
ord144
ord527
ord428
ord425
ord901
ord702
ord259
ord941
ord367
ord468
ord514
ord312
ord888
ord837
ord838
ord781
ord839
ord354
ord508
ord176
ord832
ord365
ord512
ord510
ord871
ord777
ord344
ord424
ord422
ord123
ord232
ord247
ord240
ord388
ord606
ord327
ord233
ord329

user32

ord729

wsock32

select
__WSAFDIsSet
ioctlsocket
recv
WSAGetLastError
socket
setsockopt
htons
htonl
connect
closesocket
send
inet_addr
gethostbyname
WSACleanup
WSAStartup

winmm

ord166

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8c2c6cf03670ccb076470d52f810718

Headers

File Characteristics

Imports

kernel32

user32

wsock32

winmm

Sections

.text Size: 28KB - Virtual size: 28KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 10KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 28KB - Virtual size: 28KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 10KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB