b9e345434624b1b22b31875d00bc3184

Sharing

Copy URL Twitter E-mail

General

Target

b9e345434624b1b22b31875d00bc3184
Size

115KB
MD5

b9e345434624b1b22b31875d00bc3184
SHA1

e6d3995f548d2583517f9c5f81fa2f74a209b5d6
SHA256

d4f5b8519a79c44e0bf1056dd74b74935f4b1f2725b55d3c24007310f40be87b
SHA512

82b54c37e72e8eda66294e378a907ed51f6e79032185be7d63ae330d2496bbe44c6070cadcad42edd48dea2b8c6110e6d66cf6b0de6c0b0dcd7499030f6b60d4
SSDEEP

3072:P7O5HpB3LQ5zg4HHTaIEQALzlUDF7QQ1q+p:PCB3LQ5DzaHQ5F7/1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9e345434624b1b22b31875d00bc3184

Files

b9e345434624b1b22b31875d00bc3184
.exe windows:4 windows x86 arch:x86

80d7eb39f2dc148c5f11e810932c7701

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

inet_addr
connect
WSACleanup
WSAStartup
socket
setsockopt
ioctlsocket
htons
bind
listen
send
select
__WSAFDIsSet
accept
recv
closesocket

kernel32

FindNextFileA
FileTimeToLocalFileTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetLocalTime
ExitThread
FormatMessageA
GetLastError
GlobalUnlock
GlobalLock
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
CreateFileA
CreateProcessA
ExpandEnvironmentStringsA
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
GetModuleHandleA
WriteFile
GetTempPathA
CreateThread
DeleteFileA
OpenProcess
GetCurrentProcessId
Sleep
CopyFileA
GetSystemDirectoryA
ExitProcess
WaitForSingleObject
CreateMutexA
GetTickCount
TerminateThread
MoveFileA
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
SetFilePointer
GetFileSize
GetLocaleInfoA
GetVersionExA
GetTimeFormatA
GetDateFormatA
FindClose
FileTimeToSystemTime
GetACP
GetOEMCP
FindFirstFileA
SetConsoleCtrlHandler
TerminateProcess
WaitForMultipleObjects
CreatePipe
DuplicateHandle
GetCurrentProcess
GenerateConsoleCtrlEvent
MultiByteToWideChar
TransactNamedPipe
WideCharToMultiByte
GetProcAddress
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
FreeLibrary
GetEnvironmentVariableW
HeapFree
HeapAlloc
GetProcessHeap
VirtualQueryEx
ReadProcessMemory
GetSystemInfo
GetComputerNameA
GetExitCodeProcess
PeekNamedPipe
GetLogicalDrives
GlobalMemoryStatus
GetTimeZoneInformation
GetSystemTime
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
GetCPInfo

Sections

.text
Size: 78KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 421KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WWP32
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

80d7eb39f2dc148c5f11e810932c7701

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.text Size: 78KB - Virtual size: 140KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 30KB - Virtual size: 421KB

.WWP32 Size: 1024B - Virtual size: 712B

.text
Size: 78KB - Virtual size: 140KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 30KB - Virtual size: 421KB

.WWP32
Size: 1024B - Virtual size: 712B