8377060003db502e89a3818bba7fb113c6783e3b3f44df04019e97e923269e70

Sharing

Copy URL Twitter E-mail

General

Target

8377060003db502e89a3818bba7fb113c6783e3b3f44df04019e97e923269e70
Size

1.4MB
MD5

e01a494599c220cad68ce6461ad98ccf
SHA1

d005039402c9234af265a19c8f7040897092be5a
SHA256

8377060003db502e89a3818bba7fb113c6783e3b3f44df04019e97e923269e70
SHA512

761d7db61cf1f238480751b43f9bb3bab7f67bbf7016869c9d0f9c871202ad56570dc8f764c936bda154ea713ba2e8ba9932875a4d2a814851e8287af86aeeac
SSDEEP

24576:253eTGd7UQgHdTpt4rdr5Z0GWtXPt7cYuwTN47iNAiebU+en+BCiYqKoQtfP2+LN:sd7U1HdX4rF5Zk/t7CwTFApej6SDuttE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8377060003db502e89a3818bba7fb113c6783e3b3f44df04019e97e923269e70

Files

8377060003db502e89a3818bba7fb113c6783e3b3f44df04019e97e923269e70
.exe windows:4 windows x86 arch:x86

88fc665dc0fb70ef963151336ec9455e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

htonl
gethostbyname
gethostbyaddr
inet_addr
WSACleanup
WSAStartup
getsockname
getsockopt
ntohl
setsockopt
inet_ntoa
send
recv
closesocket
WSAGetLastError
ioctlsocket
getprotobyname
htons
socket
connect
select
ntohs
__WSAFDIsSet
gethostname

kernel32

CreateProcessA
GetCurrentDirectoryW
CompareStringW
CompareStringA
GetOEMCP
GetACP
Sleep
UnmapViewOfFile
MapViewOfFile
CloseHandle
CreateFileMappingA
CreateFileA
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetProcAddress
LoadLibraryA
GetVersion
SetErrorMode
SetHandleInformation
WaitForSingleObject
FreeLibrary
ResetEvent
CreateEventA
SetEvent
GetWindowsDirectoryA
ReleaseMutex
GetLastError
CreateMutexA
GetTickCount
GetProcessTimes
GetCurrentProcess
GetVolumeInformationA
GetDriveTypeA
VirtualAlloc
VirtualFree
FindFirstFileW
FindFirstFileA
FindNextFileW
FindNextFileA
FindClose
GetModuleHandleA
GetPrivateProfileStringA
GetPrivateProfileIntA
ReadFile
WriteFile
DeviceIoControl
SetLastError
GetCurrentProcessId
GetModuleFileNameA
GetSystemTime
SystemTimeToFileTime
GetLocalTime
LocalAlloc
LocalFree
GetFileSize
SearchPathA
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
InterlockedDecrement
InterlockedIncrement
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetTimeZoneInformation
ExitProcess
TerminateProcess
RtlUnwind
GetCommandLineA
HeapReAlloc
HeapFree
ResumeThread
CreateThread
TlsSetValue
ExitThread
GetFileType
CreateFileW
FileTimeToSystemTime
FileTimeToLocalFileTime
MoveFileA
MoveFileW
GetFileAttributesW
DeleteFileA
DeleteFileW
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
GetFullPathNameA
GetFileAttributesA
InitializeCriticalSection
DeleteCriticalSection
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
SetHandleCount
GetStdHandle
GetStartupInfoA
GetCurrentThreadId
TlsAlloc
TlsGetValue
FlushFileBuffers
SetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetFilePointer
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableW
SetEnvironmentVariableA
SetEndOfFile
GetFullPathNameW
CreatePipe
GetExitCodeProcess
GetCPInfo
GetDriveTypeW

user32

DialogBoxIndirectParamA
CreateDialogIndirectParamA
wsprintfA
GetClientRect
ScreenToClient
MoveWindow
ShowWindow
MessageBoxA
GetActiveWindow
GetSystemMetrics
EnableWindow
GetWindowRect
GetDlgItem
SendMessageA
GetWindowLongA
MessageBeep
SetDlgItemTextA
GetDlgItemTextW
GetDlgItemTextA
EndDialog
GetParent
GetFocus
SetFocus
SetWindowTextA

advapi32

RegSetValueExW
RegEnumValueA
RegEnumKeyExA
RegCreateKeyExA
GetUserNameW
GetUserNameA
RegCloseKey
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA

netapi32

Netbios

comctl32

ord17

comdlg32

GetOpenFileNameA

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 4KB - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 439KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88fc665dc0fb70ef963151336ec9455e

Headers

File Characteristics

Imports

wsock32

kernel32

user32

advapi32

netapi32

comctl32

comdlg32

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

CONST Size: 4KB - Virtual size: 80B

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 120KB - Virtual size: 439KB

.rsrc Size: 4KB - Virtual size: 936B

.text
Size: 1.1MB - Virtual size: 1.1MB

CONST
Size: 4KB - Virtual size: 80B

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 120KB - Virtual size: 439KB

.rsrc
Size: 4KB - Virtual size: 936B