2963a90eb9e499258a67d8231a3124021b42e6c70dacd3aab36746e51e3ce37e

General

Target

2963a90eb9e499258a67d8231a3124021b42e6c70dacd3aab36746e51e3ce37e
Size

88KB
MD5

7b8d77d8d5913fe4f84e4f5f3b4083eb
SHA1

8b0fb0e478d18a358783429eaed53ca0fe892b37
SHA256

2963a90eb9e499258a67d8231a3124021b42e6c70dacd3aab36746e51e3ce37e
SHA512

03905bc28b189ff37ceea25c676a63971d42d4320fbfaa8c0932cc6922355182f41741cc676e005b66072c251ed09b06e4e98c78ba29fc366453bd8d90efa482
SSDEEP

1536:DcJuSW2En63BhlAualskCTGrxTUUXQ9fIQ4l+c0oTeO5EU2ko/:DcJuSW2EnKBhlAuaZl/yJa0O5Exko/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2963a90eb9e499258a67d8231a3124021b42e6c70dacd3aab36746e51e3ce37e

Files

2963a90eb9e499258a67d8231a3124021b42e6c70dacd3aab36746e51e3ce37e
.exe windows:4 windows x86 arch:x86

4bf18eb8d608e26b199b546fb6722c3e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

gethostbyname
htonl
connect
select
__WSAFDIsSet
send
WSAStartup
ioctlsocket
setsockopt
ntohl
WSASocketA
bind
getsockname
htons
listen
WSAAccept
ntohs
WSAGetLastError
sendto
recvfrom
shutdown
closesocket

kernel32

SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
Sleep
LeaveCriticalSection
CloseHandle
EnterCriticalSection
GetCurrentProcessId
GetCurrentThreadId
FreeConsole
InitializeCriticalSection
DeleteCriticalSection
HeapAlloc
HeapFree
GetLastError
CreateThread
TlsSetValue
TlsGetValue
ExitThread
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
ExitProcess
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
GetSystemTimeAsFileTime
RtlUnwind
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
UnhandledExceptionFilter
SetStdHandle
WriteFile
SetFilePointer
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetProcAddress
WideCharToMultiByte
FlushFileBuffers
GetFileAttributesA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
CreateFileA

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4bf18eb8d608e26b199b546fb6722c3e

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 18KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 18KB