d45cf0759169f094d03bca646901a7a7

Sharing

Copy URL Twitter E-mail

General

Target

d45cf0759169f094d03bca646901a7a7
Size

248KB
MD5

d45cf0759169f094d03bca646901a7a7
SHA1

989d5b90a481651910048927da31f01ed1c6c243
SHA256

636f17c5cfd5523b6a686d10036106149f38fdabc18aa0b664b49b6fce3fe318
SHA512

ec3f44af9f813482181d1574354d520b7e517dece393b84343262dab3697595a0221eaea886c19772c9efb4a0e5ec6632184c2b1ba3f1ed443056e04d3c6c1bd
SSDEEP

3072:/ve5L750Tt34eL7pkFGFIPccjp6jq3h0Col4p1:/2J50TtoeL7pk2kyRE1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d45cf0759169f094d03bca646901a7a7

Files

d45cf0759169f094d03bca646901a7a7
.exe windows:4 windows x86 arch:x86

20db7f8abd7899534b775aed502c6807

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
WSACleanup
shutdown
send
closesocket
htons
WSAStartup
recv
socket
gethostname
gethostbyname
select
__WSAFDIsSet

wininet

InternetCheckConnectionA
InternetAutodial

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrlenA
lstrcatA
lstrcmpA
GetTickCount
CloseHandle
TerminateThread
GetSystemTime
CreateThread
GetExitCodeThread
GetSystemDirectoryA
ExpandEnvironmentStringsA
GetCommandLineA
CopyFileA
CreateDirectoryA
lstrcpynA
GetLastError
CreateMutexA
ReleaseMutex
SetEnvironmentVariableA
GetModuleFileNameA
GetCurrentThreadId
DebugBreak
SetFilePointer
GetStdHandle
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
GetFileType
SetHandleCount
SetConsoleCtrlHandler
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
TerminateProcess
HeapCreate
GetCurrentProcess
CompareStringA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
FlushFileBuffers
LCMapStringW
LCMapStringA
Sleep
SetStdHandle
GetOEMCP
CompareStringW
GetLocaleInfoW
GetACP
GetCPInfo
GetTimeZoneInformation
GetLocalTime
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
InitializeCriticalSection
GetCurrentThread
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
EnterCriticalSection
DeleteCriticalSection
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetVersionExA
HeapDestroy
VirtualAlloc
GetEnvironmentVariableA
LeaveCriticalSection
FatalAppExitA
RtlUnwind
HeapAlloc
HeapReAlloc
HeapFree
VirtualFree

user32

GetKeyNameTextA
GetKeyState
ToAscii
GetWindowTextLengthA
LoadStringA
GetForegroundWindow
SetWindowsHookExA
GetWindowTextA
UnhookWindowsHookEx
DispatchMessageA
GetMessageA
TranslateMessage
OpenClipboard
MapVirtualKeyA
IsClipboardFormatAvailable
CallNextHookEx
GetClipboardData
CloseClipboard
GetKeyboardState

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
DeleteService
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
RegEnumValueA
GetUserNameA
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
ControlService

Exports

Exports

KeyHookMsg
LogSendBack

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 921B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20db7f8abd7899534b775aed502c6807

Headers

File Characteristics

Imports

ws2_32

wininet

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 192KB - Virtual size: 190KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 20KB - Virtual size: 31KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 921B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 20KB - Virtual size: 31KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 921B

.reloc
Size: 8KB - Virtual size: 7KB