9da392cc9e725e09ce440cd246cf4176

General

Target

9da392cc9e725e09ce440cd246cf4176
Size

64KB
MD5

9da392cc9e725e09ce440cd246cf4176
SHA1

cdeea2aaaa532d215437be71afc2290a48f3d0c8
SHA256

28114a1e242f81efef8d156521f061a1d1ac0eac845ae0747e4148ade56576d9
SHA512

74412dead3c976d1167629f04d87619d2bd9533b1b2de22ca5541bcfbe9e771f272da5217dc42f924cc4ed1b3ca140f6444731793b0fbcb466d8f92c9ddcf720
SSDEEP

768:4jK5X1yEEoKu9Ua7KsuP9ApTuWcMsaOy64IS+CaoxI6Eu4tVbIB8iKmhvnYoa:TPKuKZsXVsaz64d+CvfEu6IB3Ko

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9da392cc9e725e09ce440cd246cf4176

Files

9da392cc9e725e09ce440cd246cf4176
.exe windows:4 windows x86 arch:x86

6f17b15902e5fdf9e12a8ec600190eb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
LocalAlloc
CloseHandle
SearchPathA
FormatMessageA
GetSystemTime
LocalFree
GetPrivateProfileStringA
lstrlenA
lstrcpyA
CreateFileA
GetFileInformationByHandle
RtlUnwind
SetHandleCount
HeapDestroy
SetEndOfFile
LoadLibraryA
GetProcAddress
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetCPInfo
FlushFileBuffers
HeapFree
HeapAlloc
GetTimeZoneInformation
GetLocalTime
ExitProcess
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
lstrcpynA
GetCommandLineA
GetVersion
SetStdHandle
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetLastError
GetModuleFileNameA
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WideCharToMultiByte
SetEnvironmentVariableW
SetEnvironmentVariableA
UnhandledExceptionFilter
WriteFile
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

user32

wsprintfA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

wsock32

connect
recv
send
closesocket
getservbyname
htons
ioctlsocket
gethostbyaddr
gethostbyname
socket
WSACleanup
WSAStartup

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f17b15902e5fdf9e12a8ec600190eb2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 11KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 11KB