dddd632888655353cd23d9c19d2162a8

Sharing

Copy URL

Twitter E-mail

General

Target

dddd632888655353cd23d9c19d2162a8
Size

52KB
MD5

dddd632888655353cd23d9c19d2162a8
SHA1

cbdc42e01492edb1ba0d8f2666dbfb1499427517
SHA256

e2589c3ae6985441390a0fcd715576830fda213beaa39de7e2424daa1d44081e
SHA512

9d3a374ca76e4868e7b55765c7558ef92b1a2ec89d100b7e78e48ead768ba4b0f8eaad7236ba8da50f88c54c7370c263cccdfaf081d2aade6c41ab6ac212c968
SSDEEP

384:EKylcEyLmay2MhDn6xV0XJON4kSX+d6xq2IRPfJBVlN5EpdLTWR1299G99mAca:fylcElRJcVl9wA2IRPBBVlfYLqR1Fc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dddd632888655353cd23d9c19d2162a8

Files

dddd632888655353cd23d9c19d2162a8
.exe windows:4 windows x86 arch:x86

c0bfb80b5fb88bd345f7d12e638eb0b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetErrorDlg

advapi32

GetUserNameA
LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

user32

GetMessageA
PostThreadMessageA
GetDesktopWindow

ws2_32

gethostbyname
WSAStartup
WSACleanup
inet_ntoa
gethostname

msvcrt

strlen
_strupr
strncpy
strncmp
realloc
fflush
fwrite
fclose
_filelength
fopen
fprintf
_stricmp
strcmp
_msize
fread
_stat
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
sprintf
_sleep
strrchr
memset
_snprintf
strcat
free
malloc
strcpy
strstr
exit
_strdup
_itoa
_strnicmp
memcpy

iphlpapi

GetAdaptersInfo

shlwapi

PathFileExistsA

shell32

DoEnvironmentSubstA

kernel32

FileTimeToLocalFileTime
FindFirstFileA
SetCurrentDirectoryA
GetModuleHandleA
GetStartupInfoA
CloseHandle
GetCurrentProcess
GetCurrentThreadId
FileTimeToSystemTime
FindNextFileA
FindClose
GetDriveTypeA
GetTempPathA
SetFileAttributesA
DeleteFileA
GetModuleFileNameA
CreateMutexA
GetLastError
GetComputerNameA
SetProcessWorkingSetSize
GetVersion
DeviceIoControl
CreateFileA
WaitForSingleObject
CreateProcessA
GetVersionExA
Sleep

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 7.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c0bfb80b5fb88bd345f7d12e638eb0b6

Headers

File Characteristics

Imports

wininet

advapi32

user32

ws2_32

msvcrt

iphlpapi

shlwapi

shell32

kernel32

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 28KB - Virtual size: 7.5MB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 28KB - Virtual size: 7.5MB