cb527cf3a14ed3df593fca7a7565515b

Sharing

Copy URL

Twitter E-mail

General

Target

cb527cf3a14ed3df593fca7a7565515b
Size

72KB
MD5

cb527cf3a14ed3df593fca7a7565515b
SHA1

38d8319124c32dd95b21cb466817e05fff9fe2c6
SHA256

2910c3cfed77ce5a4c990ee1b92629e5bbaf821376d495dea2e219cee68b2afd
SHA512

dee54eeee6c2bc599b044983527ce2fe5781fe4ed69550473f9f1d17ba3eea1bb6f78adc9b57a522f2e5c07ad9f742ee200ff1213d33799a7613f4900c709d85
SSDEEP

768:YaxvzPLxPJtx0gL5h1rXpHeTyHab0ZA9bH4UuqaIoZ5ZT1GXIvzo9hJvX:YYPlPJtx0giTIvS9bHnqvNoZvX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb527cf3a14ed3df593fca7a7565515b

Files

cb527cf3a14ed3df593fca7a7565515b
.dll windows:4 windows x86 arch:x86

dbc3c4a3c5964f576b263324c6b63677

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
TerminateProcess
ReadFile
PeekNamedPipe
GetLastError
WaitForSingleObject
CloseHandle
GetStartupInfoA
CreatePipe
CreateProcessA
SetCurrentDirectoryA
GetCurrentDirectoryA
LoadLibraryW
ExpandEnvironmentStringsW
GlobalAlloc
DeleteFileA
CreateFileA
FindNextFileA
FileTimeToDosDateTime
FindFirstFileA
GetModuleFileNameW
OpenProcess
GetVersionExA
SetFileTime
SystemTimeToFileTime
WriteFile
SetFileAttributesA
GetFileAttributesA
GetModuleFileNameA
CreateSemaphoreA
GlobalMemoryStatus
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExW
GetSystemInfo
GetDriveTypeA
GetDiskFreeSpaceExA
GlobalFree
ReleaseMutex
SetThreadPriority
CreateThread
CreateMutexW
CopyFileA
Sleep
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
HeapFree
HeapAlloc
GetFileType
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
SetFilePointer
SetStdHandle
SetEndOfFile
GetCurrentProcess
FlushFileBuffers
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
FreeEnvironmentStringsA
FreeEnvironmentStringsW

advapi32

GetUserNameA

ws2_32

WSCEnumProtocols
WSASocketW
gethostname
recv
ioctlsocket
WSAGetLastError
select
send
socket
setsockopt
inet_addr
gethostbyname
closesocket
htons
connect
WSAStartup
WSACleanup
WSCGetProviderPath

Exports

Exports

RunDll32
WSPStartup

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dbc3c4a3c5964f576b263324c6b63677

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 42KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 333KB

Shared Size: 4KB - Virtual size: 4B

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 44KB - Virtual size: 42KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 333KB

Shared
Size: 4KB - Virtual size: 4B

.reloc
Size: 8KB - Virtual size: 5KB