9f4d15ca56f87a5ded792f2a27a4c112bf59517079aedbefe49fcd0474600b69

General

Target

9f4d15ca56f87a5ded792f2a27a4c112bf59517079aedbefe49fcd0474600b69
Size

68KB
MD5

1bdaa370b064f90abbc2c7cecc6d3316
SHA1

bbbca10a8545b0421fbfcbd0b3b7a42527fea641
SHA256

9f4d15ca56f87a5ded792f2a27a4c112bf59517079aedbefe49fcd0474600b69
SHA512

70be545881c253c1d2b88e02ba4b6ed9da5e49d25d65b55f58f28dbac715b19623d57259ea0024a5b4f6faff15e2af5127541cb710f837d8abb5c47c56037460
SSDEEP

768:yGkQZv1QtotFHTov++NjSNlY8UcBuSZFlo:MQF1Q6Xx+8XESflo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f4d15ca56f87a5ded792f2a27a4c112bf59517079aedbefe49fcd0474600b69

Files

9f4d15ca56f87a5ded792f2a27a4c112bf59517079aedbefe49fcd0474600b69
.exe windows:4 windows x86 arch:x86

36b07f6939b57988898e1fb5325b9c2b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
ReadFile
SetFilePointer
GetFileSize
CreateProcessA
Sleep
GetTempPathA
GetModuleFileNameA
CreateThread
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
FindClose
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
lstrcpyA
CreateFileA
WriteFile
CloseHandle
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetStringTypeW
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree

user32

BeginPaint
GetMessageA
LoadAcceleratorsA
LoadStringA
RegisterClassExA
LoadCursorA
LoadIconA
UpdateWindow
ShowWindow
CreateWindowExA
PostQuitMessage
DispatchMessageA
TranslateMessage
DefWindowProcA
DestroyWindow
EndPaint
GetClientRect
DrawTextA
TranslateAcceleratorA

advapi32

RegQueryValueExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

ole32

CoCreateGuid

ws2_32

send
recv
closesocket
connect
socket
inet_ntoa
gethostbyname
inet_addr
setsockopt
WSAStartup
htons

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36b07f6939b57988898e1fb5325b9c2b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ws2_32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 472B

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 472B