d56d03cf867c851d4e4c2d1aeb84567c

General

Target

d56d03cf867c851d4e4c2d1aeb84567c
Size

57KB
MD5

d56d03cf867c851d4e4c2d1aeb84567c
SHA1

a20e94bbbdd5c0f14a7ca5578785367df8090a74
SHA256

55ec79e53cdc15127c847539dcbc14d157826e52aaea97ff8e76bd805eec1287
SHA512

50cbe56bc89a98690cde762c8d7c830be14c5f4aa86360e650f572f40c7dcada5422b16eafd8a009d96300c9795e01dd247430dbef13628a2d9519d366567134
SSDEEP

768:tUNFMNsyQLwtceTbdVUF3Ozt/eI6quKGLC4tPtt0tq3I63sC7Q4ciyxF/8oFIyu8:9QEtceTbd+FehGIGDc/xF/EFcsMpC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d56d03cf867c851d4e4c2d1aeb84567c

Files

d56d03cf867c851d4e4c2d1aeb84567c
.exe windows:4 windows x86 arch:x86

028c2bd2b84af7b9c386858f02c38386

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
GetLocalTime
lstrcatA
lstrcpyA
lstrcpynA
GetTickCount
GetSystemDirectoryA
lstrlenA
CreateThread
GetProcAddress
LoadLibraryA
GetModuleHandleA
GlobalFree
GlobalAlloc
GetVersionExA
CopyFileA
GetModuleFileNameA
GetWindowsDirectoryA
Sleep
lstrcmpA
Module32Next
CreateEventA
CreateToolhelp32Snapshot
GetCurrentProcessId
WriteFile
CreateFileA
SetFileAttributesA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
FindClose
FindNextFileA
FindFirstFileA
GetDriveTypeA
SetFilePointer
GetFileSize
GetFullPathNameA
SetCurrentDirectoryA
ExitThread
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
ReadFile
CloseHandle
ResetEvent
WaitForSingleObject
Module32First
GetCurrentThreadId
LCMapStringW
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetLastError
HeapSize
GetCurrentProcess
TerminateProcess
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc

user32

CharLowerA
GetMessageA
MessageBoxA
wsprintfA
DispatchMessageA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

shell32

ShellExecuteA

iphlpapi

GetNetworkParams

ws2_32

connect
ioctlsocket
send
recv
WSAEventSelect
WSAGetLastError
gethostbyname
htonl
htons
socket
inet_addr
WSAStartup
accept
listen
bind
closesocket

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

028c2bd2b84af7b9c386858f02c38386

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

iphlpapi

ws2_32

Sections

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 52KB - Virtual size: 64KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 52KB - Virtual size: 64KB