b5e4fd6ac491e750b87ca113682ee01e

Sharing

Copy URL Twitter E-mail

General

Target

b5e4fd6ac491e750b87ca113682ee01e
Size

484KB
MD5

b5e4fd6ac491e750b87ca113682ee01e
SHA1

8a18af18bb907ad5d414780c7a889c05d691c590
SHA256

e8e449cda04e4f6a83255679cebf1f131ff3d7537b85607cb51ee3002bb344c0
SHA512

846fbd8f603fd49e40237c6d3f2e6d6b0b07327c38fbc6eff0a78fd6d53cc95c9119841b8062c0d64553388cc3f62eff4efec514c10961ba85d88b4be5076e23
SSDEEP

12288:07tcKQ1XjY8kKECbA0f72/tsBqo/9g2iegpC:07t/OND+tsBqou2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5e4fd6ac491e750b87ca113682ee01e

Files

b5e4fd6ac491e750b87ca113682ee01e
.exe windows:4 windows x86 arch:x86

88d27e8e9940240e2fc05fba0daeb271

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACloseEvent
ntohl
WSAGetLastError
send
WSAEventSelect
WSACreateEvent
WSASocketA
WSAJoinLeaf
getpeername
WSAStartup
gethostname
inet_ntoa
ioctlsocket
select
__WSAFDIsSet
inet_addr
gethostbyname
ntohs
recvfrom
sendto
WSAWaitForMultipleEvents
WSAEnumNetworkEvents
accept
htonl
connect
recv
setsockopt
socket
htons
bind
listen
closesocket

advapi32

RegCloseKey
DeleteService
ControlService
OpenServiceA
StartServiceA
QueryServiceStatus
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA
RegOpenKeyA

ole32

CoInitialize
CoCreateGuid
CoUninitialize
CoCreateInstance

oleaut32

SysStringLen
SysAllocString
VariantClear
SysFreeString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
VirtualAlloc
GetCPInfo
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
GetACP
GetOEMCP
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
InterlockedExchange
VirtualFree
LocalAlloc
GetModuleHandleA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
HeapAlloc
GetStdHandle
SetHandleCount
SetEndOfFile
SetStdHandle
SetLastError
TlsAlloc
GetCurrentThreadId
HeapFree
GetVersion
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
CreateEventA
CloseHandle
SetEvent
GetTickCount
WaitForSingleObject
InterlockedIncrement
GetTempPathA
GetPrivateProfileStringA
WritePrivateProfileStringA
InterlockedDecrement
QueryPerformanceCounter
GetSystemTime
Sleep
CopyFileA
GetModuleFileNameA
MoveFileA
LocalFree
GetSystemDirectoryA
GetVersionExA
GetProcAddress
LoadLibraryA
GetLocalTime
WideCharToMultiByte
FindClose
FindNextFileA
FindFirstFileA
CreateProcessA
GetDiskFreeSpaceExA
GetLastError
GetLogicalDriveStringsA
TerminateProcess
ReadFile
PeekNamedPipe
GetWindowsDirectoryA
GetStartupInfoA
CreatePipe
lstrlenA
RtlUnwind
GetFileType
CreateFileA
CreateDirectoryA
DeleteFileA
FlushFileBuffers
WriteFile
SetFilePointer
ResumeThread
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetTimeZoneInformation
GetSystemTimeAsFileTime
RaiseException
ExitProcess
GetCurrentProcess
GetCommandLineA

Sections

.text
Size: 364KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88d27e8e9940240e2fc05fba0daeb271

Headers

File Characteristics

Imports

ws2_32

advapi32

ole32

oleaut32

version

kernel32

Sections

.text Size: 364KB - Virtual size: 360KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 52KB - Virtual size: 77KB

.rsrc Size: 36KB - Virtual size: 35KB

.text
Size: 364KB - Virtual size: 360KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 52KB - Virtual size: 77KB

.rsrc
Size: 36KB - Virtual size: 35KB