29db2c85dea4209e349836734c65efc51626b8d96a4ba8d35919bbab62e20680

Sharing

Copy URL

Twitter E-mail

General

Target

29db2c85dea4209e349836734c65efc51626b8d96a4ba8d35919bbab62e20680
Size

76KB
MD5

8c9ce577ee9dca1b1d80f7c35e918bb7
SHA1

74a070c4557f4e8088e9b35c48195c64df4ea401
SHA256

29db2c85dea4209e349836734c65efc51626b8d96a4ba8d35919bbab62e20680
SHA512

caac2e82591bd4af54fd245eb6a27c9f8909ee2268f4308408b823dd9f45ef0b7f8e571851d6184f4417e782825018a3d13bea1dfa908207d36ecb5632951f4b
SSDEEP

1536:/0hJ+pH519zS9gIZvJh3dE0osTS2UkD7Y2Kw+I:/0hJmdzS9gIJ5EDoUkY2KbI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29db2c85dea4209e349836734c65efc51626b8d96a4ba8d35919bbab62e20680

Files

29db2c85dea4209e349836734c65efc51626b8d96a4ba8d35919bbab62e20680
.exe windows:4 windows x86 arch:x86

36d92016a93e5f5853d01e512809391a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord823
ord1575
ord941
ord537
ord858
ord924
ord6883
ord860
ord540
ord2915
ord5572
ord535
ord800
ord825
ord1168

msvcrt

_onexit
__dllonexit
??1type_info@@UAE@XZ
memmove
_stricmp
malloc
free
strncpy
_beginthreadex
_CxxThrowException
_vsnprintf
_exit
_mbstok
_XcptFilter
exit
_controlfp
_acmdln
atoi
_mbsnbicmp
isalpha
_mbspbrk
_mbsnbcpy
_mbsrchr
_mbsstr
_access
__CxxFrameHandler
_purecall
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
sprintf

kernel32

LoadLibraryA
GetTempFileNameA
CreateFileA
FindClose
GetLastError
FindNextFileA
CloseHandle
ReadFile
WriteFile
SetFilePointer
GetFileSize
GetFileAttributesA
SetEndOfFile
GetModuleFileNameA
GetTempPathA
CreateDirectoryA
GetStartupInfoA
GetModuleHandleA
CreateMailslotA
DeleteFileA
GetCurrentProcess
SetPriorityClass
Sleep
UnmapViewOfFile
OpenFileMappingA
MapViewOfFile
ReleaseMutex
WaitForSingleObject
CreateMutexA
OpenMutexA
FormatMessageA
OutputDebugStringA
FreeLibrary
ExpandEnvironmentStringsA
GetCurrentDirectoryA
FindFirstFileA
GetProcAddress

user32

wsprintfA
MessageBoxA
LoadStringA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegEnumValueA
RegCreateKeyExA

ws2_32

WSAStartup

winmm

timeGetTime

msvcp60

?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36d92016a93e5f5853d01e512809391a

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

ws2_32

winmm

msvcp60

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 28KB - Virtual size: 92KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 28KB - Virtual size: 92KB