c0165d151d4dbbd2979ec72ebb7dea64

General

Target

c0165d151d4dbbd2979ec72ebb7dea64
Size

65KB
MD5

c0165d151d4dbbd2979ec72ebb7dea64
SHA1

a25183098bf498d711b131bac3b9560eb8352a1c
SHA256

e094fd5c0cfbc77f1d74259bb56f0d988201687f136fbbadf43cbc9809a1df79
SHA512

9ed7b59e266fa2535b350d96b1b1af8cabdd5ec9549252865ae402930fcf3d323dbc1e1c114d8c95f87eeea9bf46f95a44efcbe716f430690f02ee92748f41cd
SSDEEP

768:KrPQ5e14JFiqitKipifiWiDiF2oi9/SZoSf:Krme1RPl0Kr+F+9/Slf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0165d151d4dbbd2979ec72ebb7dea64

Files

c0165d151d4dbbd2979ec72ebb7dea64
.exe windows:4 windows x86 arch:x86

85feb60357364acf468c5b32431b9542

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

socket
recv
inet_addr
gethostbyname
connect
WSACleanup
send
WSAStartup
closesocket
htons

shell32

ShellExecuteA

advapi32

RegQueryValueExA
RegDeleteValueA
GetUserNameA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

urlmon

URLDownloadToFileA

msvcrt

rand
time
strstr
strtok
realloc
malloc
remove
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
vsprintf
strcmp
fopen
fprintf
fclose
sprintf
strlen
atoi
memset
_snprintf
srand

kernel32

ExitProcess
lstrcatA
CreateThread
CreateFileA
WriteFile
GetLocaleInfoA
TerminateThread
GetLastError
CreateMutexA
GetVersionExA
GetStartupInfoA
CreateDirectoryA
CloseHandle
lstrlenA
GetModuleFileNameA
Sleep
GetLogicalDriveStringsA
GetDriveTypeA
ExpandEnvironmentStringsA
SetFileAttributesA
CopyFileA
LoadLibraryA
GetProcAddress
FreeLibrary
GetModuleHandleA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85feb60357364acf468c5b32431b9542

Headers

File Characteristics

Imports

ws2_32

shell32

advapi32

urlmon

msvcrt

kernel32

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 512B - Virtual size: 308B

.data Size: 38KB - Virtual size: 282KB

.idata Size: 3KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 512B - Virtual size: 308B

.data
Size: 38KB - Virtual size: 282KB

.idata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 2KB