c25612dee98da25f18df50d939cbb0f6

General

Target

c25612dee98da25f18df50d939cbb0f6
Size

32KB
MD5

c25612dee98da25f18df50d939cbb0f6
SHA1

2bbed8cd7f5a261730d9c7498afe96d2b8de905e
SHA256

8f1cd1697a9b5b2b2072758443825b1d0c8aa8e0fe3b6a70439be1ed1077231f
SHA512

d49ac79ffe2310ded367dbe53a8101777119c9bb9c38e632a4c4231f376dce3eef942876f757c26d9c020ef13046c57e574b066246202914c3d169dbaaba0fea
SSDEEP

384:C6r+kcva0pyHzQk8qJi0mnU7RQDzK1GIZ:C6ykcvrycV0TmDzKYc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c25612dee98da25f18df50d939cbb0f6

Files

c25612dee98da25f18df50d939cbb0f6
.exe windows:4 windows x86 arch:x86

b1456ce66b8942b2b4f228405f108c7b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetModuleHandleA
HeapFree
ReadFile
HeapAlloc
GetProcessHeap
GetFileInformationByHandle
CreateFileA
GetSystemDirectoryA
GetProcAddress
LocalFree
lstrlenA
CreateToolhelp32Snapshot
GetCurrentProcessId
VirtualQueryEx
GetVersion
IsBadReadPtr
CreateThread
WriteFile
GetFileSize
LoadLibraryA
GetModuleFileNameA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Process32First
Process32Next
OpenProcess
CreateRemoteThread
GetCurrentProcess
VirtualFreeEx
VirtualAllocEx
VirtualProtectEx
WriteProcessMemory
GetVersionExA
lstrcatA
TerminateProcess
RtlUnwind

user32

wsprintfA
MessageBoxA

advapi32

GetSecurityInfo
GetUserNameA
SetEntriesInAclA
SetSecurityInfo
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegCreateKeyExA

ws2_32

ioctlsocket
select
recv
WSACleanup
htons
send
WSAStartup
accept
listen
bind
closesocket
socket
connect
inet_addr
__WSAFDIsSet

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1456ce66b8942b2b4f228405f108c7b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 132KB

.CRT Size: 4KB - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 132KB

.CRT
Size: 4KB - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 176B