c698c1b231c3f689436f5318f3f78de9

Sharing

Copy URL

Twitter E-mail

General

Target

c698c1b231c3f689436f5318f3f78de9
Size

156KB
MD5

c698c1b231c3f689436f5318f3f78de9
SHA1

23faf34167b427dbad0661afed638bd3bfe8952b
SHA256

2473fc4fe6c70c1c76011868efa068e0263f87c97f51cd4e5496c6c7d08be623
SHA512

e29d5e5da50dba84e4650802a0e840025284b3a816f1e42b617d7e1012c845bb7ffc421c8acdc172446bba7ec2f171248ed8cf8b63399a482d509a5465710d20
SSDEEP

3072:mGAYXZ5ZZO+8wIt7bDaiDA/K0RCJLqhJlefroHUcpz:LACBIteiKRlhJlef2lz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c698c1b231c3f689436f5318f3f78de9

Files

c698c1b231c3f689436f5318f3f78de9
.exe windows:4 windows x86 arch:x86

60511adc6497a6aba65ae2edee54af6b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
CloseHandle
Sleep
GetLastError
GetLocaleInfoW
HeapSize
SetEndOfFile
GetTimeZoneInformation
ReleaseMutex
WaitForSingleObject
OpenEventA
SetEvent
CreateEventA
WaitForMultipleObjects
GetTickCount
GetCurrentProcessId
CreateMutexA
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
GetFileSize
CreateFileA
GetTempPathA
UnmapViewOfFile
FlushViewOfFile
GlobalAlloc
GlobalFree
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
LocalFree
lstrlenA
GetVersion
MultiByteToWideChar
lstrcmpA
LocalAlloc
ReadFile
WriteFile
WideCharToMultiByte
ResetEvent
DeviceIoControl
GetPrivateProfileIntA
GetPrivateProfileStringA
HeapAlloc
HeapFree
GetModuleHandleA
GetCommandLineA
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
CreateThread
EnterCriticalSection
LeaveCriticalSection
GetACP
GetOEMCP
GetCPInfo
TlsFree
SetLastError
TlsAlloc
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetFilePointer
ExitProcess
TerminateProcess
GetCurrentProcess
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
VirtualProtect
GetSystemInfo
VirtualQuery
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
RtlUnwind
InitializeCriticalSection
SetStdHandle
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
QueryPerformanceCounter
GetVersionExA

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueExA
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CloseServiceHandle
OpenSCManagerA
QueryServiceStatus
OpenServiceA
ControlService
DeleteService
StartServiceA
CreateServiceA
GetUserNameA

wsock32

send
connect
gethostname
recv
getpeername
WSAGetLastError
bind
getsockname
closesocket

user32

wsprintfA
GetSystemMetrics

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rljkmgc
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60511adc6497a6aba65ae2edee54af6b

Headers

File Characteristics

Imports

kernel32

advapi32

wsock32

user32

Sections

.text Size: 116KB - Virtual size: 115KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 22KB - Virtual size: 50KB

rljkmgc Size: - Virtual size: 4KB

.text
Size: 116KB - Virtual size: 115KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 22KB - Virtual size: 50KB

rljkmgc
Size: - Virtual size: 4KB