90342ad9a4d455a8f297a99df8304a30N

Sharing

Copy URL Twitter E-mail

General

Target

90342ad9a4d455a8f297a99df8304a30N
Size

156KB
MD5

90342ad9a4d455a8f297a99df8304a30
SHA1

7e12029d087c2654c0a18132de1139d5b861bcf2
SHA256

13bd89e5b613b0b2a3d016cc1f361d48976f821e6102d571fdeb2562bb33f006
SHA512

cb4563e85241160422033a917dd680a1111b4d69840d7d1a57d6b3ed858be97cd4eafd68b64d42aa70433e882432a6c4cca1b183e65b9c964496a59cf995cccb
SSDEEP

3072:8SndHrMCN4BoUjuzvS37obcg8DsFbTIgKOHQwA7QrSd1z2Lp:XCCiyzzK30w/DsFbTeko7mIzC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90342ad9a4d455a8f297a99df8304a30N

Files

90342ad9a4d455a8f297a99df8304a30N
.exe windows:4 windows x86 arch:x86

c233870f5c9768e9e20c3fd5f83374be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetExitCodeProcess
CreateProcessA
GetStdHandle
CreateFileA
CopyFileA
_llseek
DeleteFileA
MoveFileA
WriteFile
GetFileAttributesA
ReadFile
GetLastError
GetTempFileNameA
HeapReAlloc
VirtualAlloc
CompareStringW
CompareStringA
LoadLibraryA
FlushFileBuffers
GetStringTypeW
GetStringTypeA
RtlUnwind
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetProcAddress
SetEndOfFile
SetStdHandle
SetFilePointer
SetHandleCount
GetCurrentDirectoryA
GetFullPathNameA
LCMapStringW
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
FileTimeToSystemTime
VirtualFree
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
GetCurrentProcess
TerminateProcess
ExitProcess
GetFileType
SetEnvironmentVariableA
CloseHandle
GetLocalTime
GetSystemTime
GetTimeZoneInformation
FindFirstFileA
GetDriveTypeA
HeapAlloc
HeapFree
FileTimeToLocalFileTime
FindClose

user32

SetActiveWindow
PostQuitMessage
EndDialog
IsDlgButtonChecked
PostMessageA
InvalidateRect
SendMessageA
IsWindow
MessageBoxA
DestroyWindow
DispatchMessageA
TranslateMessage
PeekMessageA
SetForegroundWindow
MoveWindow
GetWindowRect
GetDesktopWindow
GetMessageA
UpdateWindow
CheckRadioButton
EnableWindow
GetDlgItem
SetWindowTextA
CreateWindowExA
ShowWindow
DialogBoxParamA
CreateDialogParamA
DefWindowProcA
LoadCursorA
RegisterClassExA

gdi32

GetStockObject

comctl32

ord17

wsock32

WSAStartup
WSAGetLastError
inet_ntoa
recv
WSAAsyncSelect
send
inet_addr
getsockname
connect
htons
setsockopt
socket
gethostbyname
WSACleanup
listen
bind
accept
ioctlsocket
closesocket

lz32

LZOpenFileA
LZCopy
LZClose

Sections

.text
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 57KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c233870f5c9768e9e20c3fd5f83374be

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

wsock32

lz32

Sections

.text Size: 70KB - Virtual size: 69KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 21KB - Virtual size: 162KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 59KB - Virtual size: 57KB

.text
Size: 70KB - Virtual size: 69KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 21KB - Virtual size: 162KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 59KB - Virtual size: 57KB