e506e529d2d1d80ba433d4dec9fcbf07506112c8d0a130bed322f03346640456

General

Target

e506e529d2d1d80ba433d4dec9fcbf07506112c8d0a130bed322f03346640456
Size

36KB
MD5

2373dfbdba70b54164d4fe163f7f59f1
SHA1

fbc51778f9e4868ddce4763d0bef4cb48090e3f6
SHA256

e506e529d2d1d80ba433d4dec9fcbf07506112c8d0a130bed322f03346640456
SHA512

32e48c596def05ddd1c987ae54cb069f750e0e4a993aa9f5c1d69e11c49ca90f6d324dfb4fa7c29c7d642eb2d939b2efe9332e0f4f4cbc5a0b2893adbf8598ec
SSDEEP

384:pnAvHMUga1Tz86P5LDml85VOLa4Z9aZeXJJReypFy+E66ryotf:lMMXa106BL5kvSZeZPeAA+P6ryotf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e506e529d2d1d80ba433d4dec9fcbf07506112c8d0a130bed322f03346640456

Files

e506e529d2d1d80ba433d4dec9fcbf07506112c8d0a130bed322f03346640456
.exe windows:4 windows x86 arch:x86

914228963e6e2b81297c798ce36c835e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

ws2_32

WSAStartup
socket
htons
bind
WSAAsyncSelect
recvfrom
sendto

kernel32

LCMapStringA
GetOEMCP
LCMapStringW
GetStringTypeA
GetACP
SetFilePointer
WriteFile
CloseHandle
ReadFile
CreateFileA
GetCPInfo
GetFileAttributesA
GetStringTypeW
GetFileSize
FindClose
FindNextFileA
Sleep
MultiByteToWideChar
FindFirstFileA
GetDriveTypeA
GetSystemTime
GetCommandLineA
GetProcAddress
LoadLibraryA
GetVersionExA
GetLastError
SetFileAttributesA
IsBadCodePtr
RaiseException
RtlUnwind
IsBadReadPtr
GetStartupInfoA
GetVersion
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetModuleFileNameA
IsBadWritePtr
UnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc

user32

PeekMessageA
DefWindowProcA
CreateWindowExA
RegisterClassA
GetActiveWindow
DispatchMessageA
TranslateMessage
LoadIconA
LoadCursorA
GetWindowLongA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

914228963e6e2b81297c798ce36c835e

Headers

File Characteristics

Imports

mpr

ws2_32

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB