b1edacfd92816c442daf9cae7b77a3f498a2a8b4afd5aaf482d335ed9beba69b

General

Target

b1edacfd92816c442daf9cae7b77a3f498a2a8b4afd5aaf482d335ed9beba69b
Size

20KB
MD5

06001a7def15a2365ba9ff78e34dfa58
SHA1

843711a5d5882b721a9296ce1caf7a45311bceb7
SHA256

b1edacfd92816c442daf9cae7b77a3f498a2a8b4afd5aaf482d335ed9beba69b
SHA512

04e87fb1a033acafba48f6bcfb12e267c96ca9a7181ff5393435d14c1e5ad9cf0f7618f18d172d4e44351496a80211eaec90e092494fb28554974dcfebc51f41
SSDEEP

384:U9IY1Od0FFYrlv4Y1jMwuLrjJ0HJ5bWSs0mWhsme9V:UWY2CFklvGwsHJUTHpE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1edacfd92816c442daf9cae7b77a3f498a2a8b4afd5aaf482d335ed9beba69b

Files

b1edacfd92816c442daf9cae7b77a3f498a2a8b4afd5aaf482d335ed9beba69b
.exe windows:5 windows x86 arch:x86

5262291051c03dab09df6336f785701d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

arp.pdb

Imports

msvcrt

_cexit
_XcptFilter
_exit
_c_exit
isspace
islower
isxdigit
__p__commode
__initenv
fprintf
_setmode
_iob
time
toupper
sscanf
exit
isdigit
__getmainargs
_initterm
__setusermatherr
__p__fmode
_adjust_fdiv
__set_app_type
_controlfp
_except_handler3
sprintf

kernel32

UnhandledExceptionFilter
GetLastError
QueryPerformanceCounter
GetTickCount
GetSystemDirectoryA
GetProcAddress
LoadLibraryA
FormatMessageA
SetUnhandledExceptionFilter
LocalFree
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId

snmpapi

SnmpUtilMemAlloc
SnmpUtilMemFree
SnmpUtilVarBindFree
SnmpUtilOidCpy

ws2_32

gethostbyname
ntohl
inet_addr
WSAStartup

iphlpapi

GetUdpStatsFromStackEx
GetTcpStatsFromStackEx
GetIpStatsFromStackEx
GetIcmpStatsFromStackEx

user32

CharToOemBuffA

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5262291051c03dab09df6336f785701d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

snmpapi

ws2_32

iphlpapi

user32

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 5KB - Virtual size: 101KB

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 5KB - Virtual size: 101KB