Static task: static1
Behavioral task: behavioral1
Sample: cd1f1b4e1cb133cad1e0d79c1e53f4e8.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: cd1f1b4e1cb133cad1e0d79c1e53f4e8.dll
Resource: win10v2004-20240226-en
General
Target: cd1f1b4e1cb133cad1e0d79c1e53f4e8
Size: 220KB
MD5: cd1f1b4e1cb133cad1e0d79c1e53f4e8
SHA1: 756d2e8d49f2be89744eb8605529e0b88393f251
SHA256: ead90f5292290e27e6b4f0801ad9f319d606b4ab51157aa1b44cc15762fea433
SHA512: 999d6f953e0768bae6baeedb0e81d1ec5a151da96ffa71fcb1d12966d37df775337c7e3c3508095bf0b429a291f8e2819df0a22a2bfdc8d3fab929d75f8f0aa1
SSDEEP: 1536:eVBZb/ySkdpCC0lk8E9yLa/2z3Ouext6zMPKCCwsmD4/qh6FoxkrYLxXkOUoJ:oBZTwdpCBlkbkL5cx++XZUoJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cd1f1b4e1cb133cad1e0d79c1e53f4e8
Files
cd1f1b4e1cb133cad1e0d79c1e53f4e8.dll windows:4 windows x86 arch:x86
be725ee86f12eec21316c05c1c554fbc
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetProcAddress
LoadLibraryA
lstrlenA
VirtualProtect
CreateThread
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
CloseHandle
SetStdHandle
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
FatalAppExitA
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
GetLastError
VirtualFree
VirtualAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
UnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
FlushFileBuffers
Sleep
LCMapStringA
LCMapStringW
SetEnvironmentVariableA
ws2_32
WSAStartup
gethostbyname
htons
socket
connect
closesocket
send
recv
shutdown
WSACleanup
Sections
.text Size: 172KB - Virtual size: 171KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ