bf321620c6fc320e8120058edc2a4c68

General

Target

bf321620c6fc320e8120058edc2a4c68
Size

20KB
MD5

bf321620c6fc320e8120058edc2a4c68
SHA1

0693bd793b756c3c1dab46c4fce5a4b3275796f3
SHA256

e83b09846885fc40728ec5e038430bd2efc1381a3bd249e1384f49597dd15be2
SHA512

f0ef8bfe0e086a284c66dad8ca8e1b79e1d411a2dca9e94294716a99210d37074fee5981f2d89cb2e6edb4f93a1c9b30e23daec155d61bbd2194f7a922531079
SSDEEP

192:JVoZxaRhhaBLnt9EIF8zBeKj96MMUL6J4vdUoynI+16Dp:JVoZxa14tdKB76MbG4iT1Up

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf321620c6fc320e8120058edc2a4c68

Files

bf321620c6fc320e8120058edc2a4c68
.exe windows:4 windows x86 arch:x86

4a316162317b74f719ce9b56b24ca796

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
GetSystemDirectoryA
TerminateThread
DeleteFileA
GetWindowsDirectoryA
GetPrivateProfileStringA
Sleep
CloseHandle
GetFileSize
CreateFileA
GetModuleHandleA
GetStartupInfoA

user32

DispatchMessageA
EndDialog
DefWindowProcA
DestroyWindow
DialogBoxParamA
BeginPaint
GetClientRect
DrawTextA
EndPaint
PostQuitMessage
CreateWindowExA
ShowWindow
UpdateWindow
SetTimer
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateMessage
TranslateAcceleratorA

wpcap

pcap_sendpacket
pcap_close
pcap_setfilter
pcap_dump_open
pcap_next_ex
pcap_dump
pcap_dump_close
pcap_open_live
pcap_compile

iphlpapi

EnableRouter
SendARP

ws2_32

inet_addr
htons

msvcrt

__getmainargs
memcpy
sprintf
strcpy
strcmp
fopen
time
localtime
fprintf
fclose
atoi
_access
strlen
strcat
exit
_exit
_XcptFilter
_acmdln
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
_controlfp
_except_handler3
__set_app_type
__p__fmode
memset

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a316162317b74f719ce9b56b24ca796

Headers

File Characteristics

Imports

kernel32

user32

wpcap

iphlpapi

ws2_32

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 720B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 720B