7326e89a890628d7f5dbfea998c906d701fb95c4d5fa01993354646ac3125b8e

Sharing

Copy URL Twitter E-mail

General

Target

7326e89a890628d7f5dbfea998c906d701fb95c4d5fa01993354646ac3125b8e
Size

176KB
MD5

75ed2ee3549c604e6d1ca25ce03e0622
SHA1

13843b44448a2a54566f687952cbed784d717aa0
SHA256

7326e89a890628d7f5dbfea998c906d701fb95c4d5fa01993354646ac3125b8e
SHA512

9fbc64f5bc32c8331263cf3da2e8796410e99d0a26b355a3c3f333bc7c847ab8a20c045902d5a525556f5bc8d8291852e2425e42dabaeb818b3e60186613736a
SSDEEP

3072:ze3hXN4khhPO1YWImpE/8fdLBMEp1oDJQrgJSR:zAXN4oO1dmUfVFsQ0J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7326e89a890628d7f5dbfea998c906d701fb95c4d5fa01993354646ac3125b8e

Files

7326e89a890628d7f5dbfea998c906d701fb95c4d5fa01993354646ac3125b8e
.dll windows:4 windows x86 arch:x86

a05ab8ad33cf842d84120714d3e5ae5c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

sendto
WSAStartup
WSACleanup
gethostbyname
__WSAFDIsSet
htons
WSAGetLastError
connect
ioctlsocket
getpeername
getsockname
inet_addr
socket
select
gethostname
closesocket
inet_ntoa
ntohl
ntohs
recv
send

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

advapi32

DuplicateTokenEx
CreateProcessAsUserA
RegCreateKeyExA
RegSetValueExA
OpenProcessToken
GetTokenInformation
LookupAccountSidA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

kernel32

GetOEMCP
GetACP
GetCPInfo
UnhandledExceptionFilter
FlushFileBuffers
SetFilePointer
ReadFile
RaiseException
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStdHandle
SetHandleCount
DeleteCriticalSection
GetStringTypeA
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
HeapSize
ExitThread
CreateThread
TerminateProcess
ExitProcess
RtlUnwind
HeapReAlloc
HeapAlloc
MoveFileA
GetFileType
SetStdHandle
InitializeCriticalSection
DeleteFileA
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileAttributesA
CreateDirectoryA
RemoveDirectoryA
FileTimeToLocalFileTime
GetDriveTypeA
VirtualAlloc
GetModuleHandleA
GetCommandLineA
HeapFree
GetLocalTime
OutputDebugStringA
GetLastError
Sleep
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
SetEndOfFile
GetModuleFileNameA
FileTimeToSystemTime
Process32Next
CloseHandle
OpenProcess
Process32First
CreateToolhelp32Snapshot
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcess
GetVersionExA
GetDiskFreeSpaceExA
GetLogicalDriveStringsA
GetFullPathNameA
GetVersion
DeviceIoControl
CreateFileA
CreateProcessA
GetCurrentThreadId
PeekNamedPipe
GetExitCodeProcess
GetStartupInfoA
CreatePipe
CreateMutexA
WaitForSingleObject
ReleaseMutex
FindFirstFileA
FindClose
SetEvent
InterlockedCompareExchange
CreateEventA
InterlockedExchangeAdd
InterlockedExchange
TlsSetValue
TlsGetValue
InterlockedIncrement
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
GetThreadPriority
DuplicateHandle
GetCurrentThread
GetSystemDirectoryA
SetThreadPriority
GetCurrentProcessId
TlsAlloc
TlsFree
SetLastError
GetTimeZoneInformation
GetSystemTime

Exports

Exports

GetFunt

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a05ab8ad33cf842d84120714d3e5ae5c

Headers

File Characteristics

Imports

ws2_32

iphlpapi

advapi32

userenv

kernel32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 24KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 848B

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 24KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 848B

.reloc
Size: 12KB - Virtual size: 10KB