c010daa6c81a0b55033da711b0217c7b

General

Target

c010daa6c81a0b55033da711b0217c7b
Size

50KB
MD5

c010daa6c81a0b55033da711b0217c7b
SHA1

39ca925008a3551aa910a9d38d3a113c76e384fa
SHA256

b176ec407289654c2adfbc46eb11039e5cad38532d597704866e8f9c9be979ad
SHA512

ef9349885d2d2386551838d231e933080119258a49750b9a6e937175070d70235cba516cc4bcdd35844e58dca57d0181b483eb174ff434d7f163eb8bba808c03
SSDEEP

768:hNxVNs6QjwtBeTbHnGy3dporC3Su3GOCEtHti0tq3iuhw+PcEUTWvoi8EnJEptWY:TQctBeTbHGyzGhcEUa8fW8Zx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c010daa6c81a0b55033da711b0217c7b

Files

c010daa6c81a0b55033da711b0217c7b
.exe windows:4 windows x86 arch:x86

bbcd9ed48d775c745c9f78947670f89a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
lstrcatA
lstrcpyA
lstrcpynA
GetTickCount
GetSystemDirectoryA
lstrlenA
CreateThread
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalFree
GlobalAlloc
GetVersionExA
CopyFileA
GetModuleFileNameA
GetWindowsDirectoryA
Sleep
lstrcmpA
Module32Next
CreateEventA
CreateToolhelp32Snapshot
GetCurrentProcessId
WriteFile
CreateFileA
SetFileAttributesA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFilePointer
GetFileSize
FindClose
FindNextFileA
GetFullPathNameA
SetCurrentDirectoryA
FindFirstFileA
GetDriveTypeA
ExitThread
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
ReadFile
CloseHandle
ResetEvent
WaitForSingleObject
Module32First
GetCurrentThreadId
LCMapStringW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetLastError
HeapSize
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc

user32

CharLowerA
GetMessageA
MessageBoxA
wsprintfA
DispatchMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA

iphlpapi

GetNetworkParams

ws2_32

connect
ioctlsocket
send
recv
WSAEventSelect
WSAGetLastError
gethostbyname
htonl
htons
socket
inet_addr
WSAStartup
accept
listen
bind
closesocket

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 45KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbcd9ed48d775c745c9f78947670f89a

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

iphlpapi

ws2_32

Sections

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 45KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 45KB - Virtual size: 57KB