c92be0cf8daaca5e4766692c075122b8

General

Target

c92be0cf8daaca5e4766692c075122b8
Size

96KB
MD5

c92be0cf8daaca5e4766692c075122b8
SHA1

283aed3668bd403fbfb4178c7d37203ae6f3b38d
SHA256

d962f7f98a4d96210b0cab52f5c4e2d081e9017639e9b11709a434eb0e1a6cdc
SHA512

535919bee815366b4856c73d9e97ee487154d1fe8589c241bceabf654e373229b56f9ca6181b43006ff55ade7d2abb91fe220bb91bd87fa4e75da14d26bd552c
SSDEEP

1536:MZa1b07blLu6w7FbFFTVYNVDZs1bA85quaXvaQwQaYFma137Oxo:MANWbABxbrTeVZsfqumvlQre

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c92be0cf8daaca5e4766692c075122b8

Files

c92be0cf8daaca5e4766692c075122b8
.exe windows:4 windows x86 arch:x86

feeeda9b024effaba78bea51d8f7a67c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
ExitProcess
CloseHandle
GetLastError
CreateMutexA
DeleteFileA
lstrcmpiA
GetTickCount
GetDriveTypeA
GetLogicalDriveStringsA
FindClose
FindNextFileA
FindFirstFileA
FreeLibrary
RaiseException
GetLocalTime
lstrcpynA
GetFileSize
GetSystemDirectoryA
CreateDirectoryA
lstrcatA
lstrcmpA
GetComputerNameA
GetProcessTimes
CreateProcessA
ReadFile
GetVersionExA
GetTempFileNameA
GetTempPathA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
TerminateThread
GetExitCodeThread
InitializeCriticalSection
SystemTimeToFileTime
CreateThread
GetSystemTime
RtlUnwind
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
VirtualFree
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapAlloc
HeapFree
lstrlenA
GlobalAlloc
lstrcpyA
WriteFile
GlobalFree
CreateFileA
Sleep
GetCurrentThread
SetThreadPriority
GetModuleFileNameA
ExitThread

advapi32

RegOpenKeyExA
GetUserNameA
RegCreateKeyA
RegQueryValueExA
RegCloseKey
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA

user32

CharLowerA
wsprintfA

ole32

CoCreateGuid
StringFromCLSID

ws2_32

getpeername
send
setsockopt
recv
gethostname
WSAStartup
accept
socket
closesocket
select
ioctlsocket
shutdown
bind
listen
connect
gethostbyname
htons
WSACleanup
inet_ntoa

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

feeeda9b024effaba78bea51d8f7a67c

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ole32

ws2_32

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 19KB - Virtual size: 36KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 19KB - Virtual size: 36KB