052ec04866e4a67f31845d656531830d

Resubmissions

09/05/2024, 08:30

240509-kecw3shb6x 9

21/12/2023, 14:07

231221-rfbtqshdbp 3

Sharing

Copy URL Twitter E-mail

General

Target

052ec04866e4a67f31845d656531830d
Size

33KB
MD5

052ec04866e4a67f31845d656531830d
SHA1

9860de85ea0d2b3022fa3d7bbbee0a13796258e6
SHA256

eec094bd3604a2fd84333113fbc0aee4fe394c5b74c7cc28216aa53d714d1bf3
SHA512

f654758e8416056838c313372fb181c2fc74984b923e723d34fb930b5b6e9228eb2fb78b23bf363f63a0e20a7b4d0ce79670192804e6dd91582a0c7a6c5ae043
SSDEEP

768:DImJJ/BTGooI35LXpUE7lKXtmoriCmqKyJtQOXlCyGT/8YJ2:DxvFGrgTUlG8JtQOXlCyGT/8W2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
052ec04866e4a67f31845d656531830d

Files

052ec04866e4a67f31845d656531830d
.exe windows:4 windows x86 arch:x86

dcf78b59aa0fb7cb098992d54b2e676b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Module32First
FindNextFileA
FindFirstFileA
GlobalFree
DeleteFileA
GetExitCodeProcess
CreateProcessA
CopyFileA
GetTempPathA
GetSystemDirectoryA
GetStartupInfoA
GetStdHandle
TerminateProcess
CreateToolhelp32Snapshot
AllocConsole
GetEnvironmentVariableA
lstrcatA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
WriteFile
FreeConsole
CreateMutexA
WinExec
CreateThread
CreatePipe
ReadFile
PeekNamedPipe
GetLocalTime
Process32First
CloseHandle
OpenProcess
Process32Next
GetLastError
Sleep

advapi32

OpenProcessToken
GetTokenInformation
LookupAccountSidA

shell32

ShellExecuteA

msvcp60

?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Xlen@std@@YAXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z

wininet

InternetWriteFile
HttpEndRequestA
InternetQueryOptionA
InternetSetOptionA
HttpSendRequestExA
HttpAddRequestHeadersA
HttpSendRequestA
InternetCrackUrlA
InternetCloseHandle
InternetConnectA
InternetReadFile
HttpQueryInfoA
HttpOpenRequestA
InternetOpenA

msvcrt

__set_app_type
_except_handler3
__p__fmode
__p__commode
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_onexit
__dllonexit
system
ftell
fread
free
malloc
strncmp
__CxxFrameHandler
sprintf
atoi
getenv
printf
freopen
_iob
rand
srand
time
strstr
_itoa
strtok
scanf
fflush
strftime
localtime
fclose
fwrite
fseek
fopen

ws2_32

gethostbyname
gethostname
WSAStartup
inet_ntoa

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

dcf78b59aa0fb7cb098992d54b2e676b

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

msvcp60

wininet

msvcrt

ws2_32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 43KB

.rsrc Size: 1024B - Virtual size: 904B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 43KB

.rsrc
Size: 1024B - Virtual size: 904B