78cf2fc9db22b46d57e86be39f35585b30228ec85c50442ef000c6dd06c03ede

Sharing

Copy URL Twitter E-mail

General

Target

78cf2fc9db22b46d57e86be39f35585b30228ec85c50442ef000c6dd06c03ede
Size

537KB
MD5

6c747dc3ce884af493e8ba3bab268a99
SHA1

85637493270fadf7e1c847a111d667ddea3b329a
SHA256

78cf2fc9db22b46d57e86be39f35585b30228ec85c50442ef000c6dd06c03ede
SHA512

5a4ee019c9bd07640078483a2c6bcdf5947e0d39305bcaf46c8f8e02445474801dc8e0cc4788e27b22821ca49d94fdb186263d8f458cf05d47a6493dd04da4a9
SSDEEP

12288:XdFEv6GIsM0fR9EU2FGy10n7ELXzvWPp58JgcHFq:XTEv6GIsPElIy1OQDePp58SX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78cf2fc9db22b46d57e86be39f35585b30228ec85c50442ef000c6dd06c03ede

Files

78cf2fc9db22b46d57e86be39f35585b30228ec85c50442ef000c6dd06c03ede
.exe windows:5 windows x86 arch:x86

44089ebdc7cdd36b64cce71a2ad79b7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\a\acr\acr\source\vcpp\Standalone\acr_server.pdb

Imports

zlib1

compress2
deflate
crc32
deflateEnd
inflateReset
deflateInit2_
inflateInit2_
inflate
inflateEnd
uncompress

ws2_32

__WSAFDIsSet
inet_addr
WSACleanup
ntohl
htonl
gethostbyname
WSAStartup
inet_ntoa
select
WSARecvFrom
WSASendTo
closesocket
shutdown
ntohs
accept
WSAGetLastError
connect
ioctlsocket
setsockopt
socket
listen
bind
htons
gethostbyaddr

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

dbghelp

SymGetLineFromAddr
SymFunctionTableAccess
SymGetModuleBase
SymInitialize
StackWalk
SymGetSymFromAddr

kernel32

SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExA
SetStdHandle
GetCurrentDirectoryW
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
ReadConsoleW
SetFilePointerEx
GetStringTypeW
GetTimeZoneInformation
DeleteFileW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetFileType
HeapAlloc
HeapFree
GetACP
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
SetCurrentDirectoryA
SetEvent
CloseHandle
CreateEventA
FindNextFileA
FindClose
GetFileAttributesA
CreateDirectoryA
GetCurrentThread
GetLastError
GetCommandLineW
GetProcessHeap
CreateFileW
WriteConsoleW
HeapSize
HeapReAlloc
SetEndOfFile
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
UnhandledExceptionFilter
DecodePointer
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
SetConsoleCtrlHandler
ReadFile
GetDriveTypeW
GetFullPathNameA
GetModuleFileNameA
GetStdHandle
WriteFile
GetCommandLineA

advapi32

CreateServiceA
CloseServiceHandle
OpenSCManagerA
OpenServiceA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
StartServiceCtrlDispatcherA
SetServiceStatus
RegisterServiceCtrlHandlerA

Sections

.text
Size: 358KB - Virtual size: 357KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44089ebdc7cdd36b64cce71a2ad79b7f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

zlib1

ws2_32

winmm

dbghelp

kernel32

advapi32

Sections

.text Size: 358KB - Virtual size: 357KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 17KB - Virtual size: 60KB

.rsrc Size: 93KB - Virtual size: 92KB

.text
Size: 358KB - Virtual size: 357KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 17KB - Virtual size: 60KB

.rsrc
Size: 93KB - Virtual size: 92KB