b53575be16e5a8c2660e0b85942616eb7b03a4b59aaf6ad0406746bcf9084523[.]exe

General

Target

b53575be16e5a8c2660e0b85942616eb7b03a4b59aaf6ad0406746bcf9084523.exe
Size

60KB
MD5

6b4e9b922ceddfa761cf14714c85a2b8
SHA1

9a6f818a2105d488f11cf14008f5691e0ea717bb
SHA256

b53575be16e5a8c2660e0b85942616eb7b03a4b59aaf6ad0406746bcf9084523
SHA512

f50fd7b5bbbd7095f8536c456c7b893e778e1e8c521f53577feb5237e98ac8615f9cb241ef0e178116dcb2b6c1ba83b47ccaba541463dc20e299c5365258ab71
SSDEEP

768:ZBMB7uLhDdWaX1ZOE/XZAv39SHOIXjTpF9VM+JG4oIxBkbQDo:ZBm7uLhDdWQaP9SHlzlFPM+xIbWo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b53575be16e5a8c2660e0b85942616eb7b03a4b59aaf6ad0406746bcf9084523.exe

Files

b53575be16e5a8c2660e0b85942616eb7b03a4b59aaf6ad0406746bcf9084523.exe
.exe windows:4 windows x86 arch:x86

4dc1143e47a9a737805f66b3b75560be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
CopyFileA
GetModuleFileNameA
GetShortPathNameA
Sleep
WriteFile
ReadFile
GetLastError
GetSystemDirectoryA
CreateFileA
GetFileTime
SetFileTime
DeleteFileA
CloseHandle
CompareStringW
CompareStringA
CreateProcessA
GetFileAttributesA
FlushFileBuffers
LoadLibraryA
GetProcAddress
LCMapStringW
LCMapStringA
VirtualAlloc
SetFilePointer
GetStringTypeW
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
DuplicateHandle
GetCommandLineA
GetVersion
SetStdHandle
GetFileType
SetHandleCount
GetStdHandle
GetStartupInfoA
CreatePipe
GetExitCodeProcess
WaitForSingleObject
HeapReAlloc
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
MultiByteToWideChar
GetStringTypeA
SetEnvironmentVariableA

advapi32

OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
CloseServiceHandle
CreateServiceA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
DeleteService

shell32

ShellExecuteA

ws2_32

shutdown
WSAStartup
gethostbyname
send
socket
htons
connect
closesocket
recv
WSACleanup

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4dc1143e47a9a737805f66b3b75560be

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB