Static task
static1
Behavioral task
behavioral1
Sample
b69dcb5099f3f1049d6089df315a68b6.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
b69dcb5099f3f1049d6089df315a68b6.exe
Resource
win10v2004-20240226-en
General
Target
b69dcb5099f3f1049d6089df315a68b6
Size
8KB
MD5
b69dcb5099f3f1049d6089df315a68b6
SHA1
216fbaad06ca583b1c446f2989e741831ccc3e7c
SHA256
dcd109352524d48fcd65c5a684084dd23cb1bf09fb70f629fd0b7e32401bac36
SHA512
77f9950e94ec68e0fd00dd0f5ca8e4275322b20a0c0316222780c8188d7b6a2d426c74eae51ffd00c8316f8d0fd9fa9cca14b8788af2fa434da406bb1ae10674
SSDEEP
192:Roa9z8VOguXd7aIy+FeMQHlNYvb6e9B5mM9vXZnIkPWRyW:Roat8aXJyQree0svpTWRyW
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b69dcb5099f3f1049d6089df315a68b6
Files
b69dcb5099f3f1049d6089df315a68b6.exe windows:5 windows x86 arch:x86
2d42c78984ee04f8a25a5ddf7268d1c9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_XcptFilter
_exit
_c_exit
_except_handler3
_beginthreadex
exit
advapi32
InitializeSecurityDescriptor
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetSecurityDescriptorDacl
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
FreeSid
SetServiceStatus
kernel32
WaitForSingleObject
GlobalFree
GlobalAlloc
GetTickCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
ConnectNamedPipe
CreateNamedPipeA
DeleteCriticalSection
CreateEventA
InitializeCriticalSection
QueryPerformanceCounter
GetCurrentThreadId
GetLastError
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
SetEvent
LeaveCriticalSection
CloseHandle
DisconnectNamedPipe
ResetEvent
GetOverlappedResult
EnterCriticalSection
WriteFile
TerminateProcess
ws2_32
recvfrom
WSAGetLastError
ioctlsocket
__WSAFDIsSet
select
WSACleanup
closesocket
bind
htonl
htons
getservbyname
socket
WSAStartup
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 292B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ