c7b3b5e4b9a6441014a8ca8edb0497bdaa9f68d0c2ef5bfdd458ce54d7c56ad4

Sharing

Copy URL

Twitter E-mail

General

Target

c7b3b5e4b9a6441014a8ca8edb0497bdaa9f68d0c2ef5bfdd458ce54d7c56ad4
Size

96KB
MD5

f9b9b4e43414d6cb03614510a080a37c
SHA1

44b8dd5996bbde7cb89785a6341dccece57f792d
SHA256

c7b3b5e4b9a6441014a8ca8edb0497bdaa9f68d0c2ef5bfdd458ce54d7c56ad4
SHA512

943fb4cb654ba702fbfc4e0f7e6e5ae2762d11eb8af5cd9b970e3f6f226ccb331699b2e4c16144a6f08318393be25215ca53e5aa704f5f88d75a6f9e0d5ac8c0
SSDEEP

1536:ERZzXSG37ZwfnesvAEM7nHbELhbCwz4nLfvDrZ+YCTY7BW:E3CE7Zw/eZ7nAAwcLXDrgUI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7b3b5e4b9a6441014a8ca8edb0497bdaa9f68d0c2ef5bfdd458ce54d7c56ad4

Files

c7b3b5e4b9a6441014a8ca8edb0497bdaa9f68d0c2ef5bfdd458ce54d7c56ad4
.exe windows:4 windows x86 arch:x86

79d41abaaa603d17fd17043bd03446af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\村上拓郎\デスクトップ\Iom_1.13\Release\iom.pdb

Imports

iphlpapi

GetAdaptersInfo

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Create

ws2_32

WSAStartup
WSACleanup
send
connect
listen
accept
select
shutdown
recv
recvfrom
sendto
ioctlsocket
htonl
socket
setsockopt
closesocket
htons
bind
gethostname
WSAGetLastError
inet_addr
ntohl
inet_ntoa

kernel32

HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
VirtualQuery
LeaveCriticalSection
EnterCriticalSection
Sleep
CreateThread
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
WaitForSingleObject
GetModuleFileNameA
GetSystemDefaultLangID
GetLocalTime
FreeLibrary
GetProcAddress
LoadLibraryA
SetCurrentDirectoryA
FindNextFileA
VirtualProtect
FlushFileBuffers
SetFilePointer
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
InterlockedExchange
TlsGetValue
TlsSetValue
TlsFree
GetLastError
SetLastError
TlsAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapFree
HeapAlloc
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetSystemInfo
RtlUnwind
FindFirstFileA
ExitProcess

user32

FindWindowA
TranslateMessage
DispatchMessageA
GetMessageA
IsDialogMessageA
LoadCursorA
RegisterClassExA
PostQuitMessage
KillTimer
SetTimer
DefWindowProcA
CreatePopupMenu
DestroyMenu
InsertMenuItemA
GetCursorPos
TrackPopupMenu
DestroyIcon
LoadStringA
SetForegroundWindow
UpdateWindow
DestroyWindow
CreateDialogParamA
ShowWindow
GetWindowRect
MapWindowPoints
MoveWindow
LoadIconA
GetDlgItemInt
PostMessageA
CreateWindowExA
MessageBoxA
SendMessageA
SetDlgItemInt
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
EnableWindow
LoadImageA

gdi32

GetStockObject

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79d41abaaa603d17fd17043bd03446af

Headers

File Characteristics

PDB Paths

Imports

iphlpapi

comctl32

ws2_32

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 2.8MB

.rsrc Size: 28KB - Virtual size: 27KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 2.8MB

.rsrc
Size: 28KB - Virtual size: 27KB