ware[.]com | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

ware.com
Size

31.6MB
MD5

528f31fdfd8d59c33630e614f4570ae4
SHA1

2efcfa1da3d088c0df31e584c8cafd3b7c8c127c
SHA256

34ef3be14353da8485dc4ab3062477a1df1556b48d2ed72539f3a62d3c0f4cf2
SHA512

a4b8c296a15d6c6e5bf525bda68d9801055da7ab81718e12b53233cb6fd9ada3fc4cc2466d28a2a46b4239dc49b89864fafd0034f955880efc993286e9f00e25
SSDEEP

393216:iQXBzBlP+xwz5l0Je5CxUZq1LqaqdgzPZpZAJT0i/kLwgcsjDP2/NlUqgyguU0u+:vEw561uanZD7XsMjD+/Dyy7JuvRxK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ware.com

Files

ware.com
.exe windows:6 windows x64 arch:x64

4473b6299e548b8ff42c90ce9d9a4358

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

EnumDisplayDevicesA

advapi32

CryptAcquireContextW

kernel32

AreFileApisANSI
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

ws2_32

WSAGetLastError

Sections

r>\!urC<
Size: - Virtual size: 785KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

D/?*3;fp
Size: - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

y^0a8&wz
Size: - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

?Ja@h:4*
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

--uO8o&,
Size: - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DOpN8FMU
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

o>Sx!gEJ
Size: - Virtual size: 140B

UOl#x3+X
Size: - Virtual size: 58B

S8SyV,!o
Size: - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

TSef0U7]
Size: - Virtual size: 15.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

)Iwqh8gH
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Al\)R,9N
Size: 31.6MB - Virtual size: 31.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

M!rV\b7Y
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

o_!zs(G:
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4473b6299e548b8ff42c90ce9d9a4358

Headers

DLL Characteristics

File Characteristics

Imports

user32

advapi32

kernel32

ws2_32

Sections

r>\!urC< Size: - Virtual size: 785KB

D/?*3;fp Size: - Virtual size: 163KB

y^0a8&wz Size: - Virtual size: 8.0MB

?Ja@h:4* Size: - Virtual size: 19KB

--uO8o&, Size: - Virtual size: 48B

DOpN8FMU Size: - Virtual size: 8KB

o>Sx!gEJ Size: - Virtual size: 140B

UOl#x3+X Size: - Virtual size: 58B

S8SyV,!o Size: - Virtual size: 244B

TSef0U7] Size: - Virtual size: 15.3MB

)Iwqh8gH Size: 3KB - Virtual size: 2KB

Al\)R,9N Size: 31.6MB - Virtual size: 31.6MB

M!rV\b7Y Size: 512B - Virtual size: 264B

o_!zs(G: Size: 512B - Virtual size: 422B

r>\!urC<
Size: - Virtual size: 785KB

D/?*3;fp
Size: - Virtual size: 163KB

y^0a8&wz
Size: - Virtual size: 8.0MB

?Ja@h:4*
Size: - Virtual size: 19KB

--uO8o&,
Size: - Virtual size: 48B

DOpN8FMU
Size: - Virtual size: 8KB

o>Sx!gEJ
Size: - Virtual size: 140B

UOl#x3+X
Size: - Virtual size: 58B

S8SyV,!o
Size: - Virtual size: 244B

TSef0U7]
Size: - Virtual size: 15.3MB

)Iwqh8gH
Size: 3KB - Virtual size: 2KB

Al\)R,9N
Size: 31.6MB - Virtual size: 31.6MB

M!rV\b7Y
Size: 512B - Virtual size: 264B

o_!zs(G:
Size: 512B - Virtual size: 422B