2f81aa7119d45efe20ae12c8eecd8aaf17a76daaa4e3554ed50f7cb4e2554fc2[.]exe

General

Target

2f81aa7119d45efe20ae12c8eecd8aaf17a76daaa4e3554ed50f7cb4e2554fc2.exe
Size

60KB
MD5

fbba15d729eca00ea28e2a2fe5736660
SHA1

16b8aa0bb86e9dceb6742c6592ababbb6ad755e5
SHA256

2f81aa7119d45efe20ae12c8eecd8aaf17a76daaa4e3554ed50f7cb4e2554fc2
SHA512

12ae712a88b0c9ffd954875f6264b5d15906f5f51c2af7cc8e31ca229e8b223df4147f6882e600690f1da0d6c45b1e9c635ab9e1cce1d6e008a33d031d6c9c82
SSDEEP

768:A5Awal0y0YYTJoT3TzwU/Akx5xr2vfkAtt8s0FWZ5Azl5lQM6:uAjV0lJQHA25ovfkCt30FC5ArlQR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f81aa7119d45efe20ae12c8eecd8aaf17a76daaa4e3554ed50f7cb4e2554fc2.exe

Files

2f81aa7119d45efe20ae12c8eecd8aaf17a76daaa4e3554ed50f7cb4e2554fc2.exe
.dll windows:4 windows x86 arch:x86

37746bbfc86041ff8d04e4034358baa0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python22

PyType_Type
PyType_Ready
Py_InitModule4
PyModule_GetDict
PyDict_SetItemString
PyTuple_New
PyTuple_SetItem
PyArg_ParseTuple
PyErr_Clear
_PyObject_Del
PyInt_FromLong
PyString_FromStringAndSize
_PyObject_New
_Py_NoneStruct
PyObject_GenericSetAttr
PyObject_GenericGetAttr

ws2_32

ntohl
select
__WSAFDIsSet
WSARecvFrom
WSASendTo
WSAGetLastError
ntohs
socket
ioctlsocket
setsockopt
bind
listen
closesocket
gethostbyname
WSAStartup
WSACleanup
htons
htonl

kernel32

ExitProcess
VirtualProtect
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
SetFilePointer
LoadLibraryA
VirtualQuery
InterlockedExchange
RtlUnwind
GetCPInfo
GetOEMCP
GetACP
VirtualAlloc
WriteFile
DisableThreadLibraryCalls
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetTickCount
GetCommandLineA
GetVersionExA
HeapAlloc
HeapReAlloc
HeapFree
GetSystemInfo
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType

Exports

Exports

initenet

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37746bbfc86041ff8d04e4034358baa0

Headers

File Characteristics

Imports

python22

ws2_32

kernel32

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 9KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 9KB

.reloc
Size: 4KB - Virtual size: 2KB