c33b01e28186227c7262a86cab208910

Sharing

Copy URL Twitter E-mail

General

Target

c33b01e28186227c7262a86cab208910
Size

608KB
MD5

c33b01e28186227c7262a86cab208910
SHA1

d5dcdb04fa97a19222362d87df94ecd46f257907
SHA256

5d07befe49a70f72278e300d2f42da56b018903a6655af15615e40cc34501dee
SHA512

833cb3c50d5f732eba660bcc834d6b5b5cdc83d34713b4d90992d5f41b8c22e9a25e2f216434efcf77255e2a9d5fcb47c10bad0eb1fb41a030eff41f512f6edb
SSDEEP

12288:VnQ6i7Aq1vBUVcB9gEpsyipWaKN2mf4kZMB:VnQ6i7Aq1vBUVcB9gEpsyip5KN2mfgB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c33b01e28186227c7262a86cab208910

Files

c33b01e28186227c7262a86cab208910
.exe windows:5 windows x86 arch:x86

fd0a0a93914ce61fd5075dbe2c5eebd5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

inet_addr
WSAStartup
ioctlsocket
htons
recv
bind
socket
send
listen
accept

comctl32

ord17

kernel32

CreateFileA
GetFileSize
WaitForSingleObject
WriteFile
GetCommandLineA
TerminateThread
Sleep
GetFileAttributesA
FileTimeToSystemTime
ReadFile
CreateDirectoryA
GetModuleHandleA
CancelIo
CloseHandle
CreateThread
GetStringTypeW
GetStringTypeA
LCMapStringW
SetEndOfFile
HeapSize
HeapReAlloc
VirtualAlloc
HeapAlloc
FlushFileBuffers
SetStdHandle
MultiByteToWideChar
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetLocaleInfoA
GetProcessHeap
LCMapStringA
GetCurrentProcess
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
ExitProcess
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetLastError
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LoadLibraryA

user32

GetMessageA
GetDlgItemInt
ScreenToClient
CreateDialogParamA
RegisterClassExA
PostQuitMessage
SendDlgItemMessageA
TrackPopupMenu
LoadIconA
SendMessageA
TranslateMessage
SetDlgItemInt
MessageBoxA
CreateWindowExA
GetDlgItem
EndDialog
DefWindowProcA
GetCursorPos
CheckDlgButton
ShowWindow
CreatePopupMenu
IsDlgButtonChecked
AppendMenuA
DispatchMessageA
CheckRadioButton
UpdateWindow
EnableWindow
LoadCursorA
GetDlgItemTextA
DialogBoxParamA
SetDlgItemTextA

gdi32

GetStockObject

comdlg32

GetOpenFileNameA

shell32

ShellExecuteA

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 497KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd0a0a93914ce61fd5075dbe2c5eebd5

Headers

DLL Characteristics

File Characteristics

Imports

wsock32

comctl32

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 87KB - Virtual size: 86KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 5KB - Virtual size: 63KB

.rsrc Size: 497KB - Virtual size: 497KB

.text
Size: 87KB - Virtual size: 86KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 63KB

.rsrc
Size: 497KB - Virtual size: 497KB