0229933d59aef3146c7fca8d4acd3de1619db791a9ad63f387c69ac6d89f7cb2[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

0229933d59aef3146c7fca8d4acd3de1619db791a9ad63f387c69ac6d89f7cb2.exe
Size

44KB
MD5

294f7beb8c2130b075a65d1e1df243f0
SHA1

2c6961e7b6bd2aea55d56febdb3523993720766a
SHA256

0229933d59aef3146c7fca8d4acd3de1619db791a9ad63f387c69ac6d89f7cb2
SHA512

f931adf31cfe555bc45a814f1bcce386181a5666bc99e60b334b68e90291b2407f809b2496b1ed40561633c6333dd006e9ce5f507c4421365d134eb04abf2940
SSDEEP

768:LuGmYY22spwsOivvkWrpDtmwxlRh0dFGrLKvLz4WsNoC+M2HFZl+NIt4nyD:PmcdVVN0dFGSz4WC7UHF2I2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0229933d59aef3146c7fca8d4acd3de1619db791a9ad63f387c69ac6d89f7cb2.exe

Files

0229933d59aef3146c7fca8d4acd3de1619db791a9ad63f387c69ac6d89f7cb2.exe
.dll .js windows:4 windows x86 arch:x86 polyglot

134b88d4a4bae1d1f63f1f12ec4b008c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

connect
gethostname
WSAIoctl
inet_ntoa
getpeername
WSAStartup
recvfrom
ntohl
inet_addr
htonl
select
WSAGetLastError
htons
ntohs
getsockname
shutdown
getprotobyname
setsockopt
getservbyport
sendto
WSACleanup
recv
bind
socket
getservbyname
__WSAFDIsSet
WSASetLastError
closesocket
gethostbyaddr
accept
gethostbyname
send
getsockopt
listen
ioctlsocket

kernel32

DisableThreadLibraryCalls
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
FreeLibrary

python27

PyArg_ParseTuple
PyTuple_Size
PyOS_snprintf
PyExc_ValueError
PyErr_Occurred
PyObject_Free
PyModule_AddIntConstant
PyErr_SetString
PyType_GenericAlloc
_Py_TrueStruct
PyErr_NewException
PyLong_AsUnsignedLong
PyArg_ParseTupleAndKeywords
PyTuple_Pack
_PyString_Resize
PyType_Type
PyErr_Clear
PyFloat_AsDouble
PyList_New
PyType_GenericNew
Py_AtExit
PyErr_SetExcFromWindowsErr
PyErr_Format
PyModule_AddObject
PyExc_TypeError
Py_InitModule4
PyExc_ImportError
PyThread_release_lock
PyList_Append
PyEval_SaveThread
PyMem_Free
_Py_NoneStruct
PyExc_OverflowError
PyEval_RestoreThread
PyCapsule_New
PyThread_allocate_lock
PyLong_FromUnsignedLong
PyUnicodeUCS2_AsEncodedString
PyThread_acquire_lock
PyErr_SetFromErrno
PyString_AsString
PyObject_GenericGetAttr
PyInt_AsLong
PyObject_ClearWeakRefs
PyString_FromStringAndSize
Py_BuildValue
PyBuffer_Release
PyInt_FromLong
PyExc_IOError
PyFloat_FromDouble
PyInt_FromSsize_t
PyErr_CheckSignals
PyString_FromString
PyErr_SetObject

msvcr71

strlen
strcpy
strchr
_errno
strncpy
memset
strcmp
_assert
strerror
strcat
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
_except_handler3
__dllonexit
_onexit
calloc
free
sscanf
sprintf
strtoul
memcpy

Exports

Exports

init_socket
init_sockobject

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

134b88d4a4bae1d1f63f1f12ec4b008c

Headers

File Characteristics

Imports

ws2_32

kernel32

python27

msvcr71

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 12KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 12KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 2KB