e:\6.26\myServer\release\myServer.pdb
Static task
static1
Behavioral task
behavioral1
Sample
1c7804cec44a7664a987821266bac82ce6c49fd72e3265d45b6fa21a61b7471c.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
1c7804cec44a7664a987821266bac82ce6c49fd72e3265d45b6fa21a61b7471c.exe
Resource
win10v2004-20240802-en
General
Target
1c7804cec44a7664a987821266bac82ce6c49fd72e3265d45b6fa21a61b7471c
Size
432KB
MD5
60610d2ca08ff4c0eaaf49bdc3cbc859
SHA1
cb4e35eeda66ef85f8f294b5ada533b4142ecd4e
SHA256
1c7804cec44a7664a987821266bac82ce6c49fd72e3265d45b6fa21a61b7471c
SHA512
444bec77064709a1ee221fded8061c05d77711464ffc457b0ddad28efe6747573b53bf9d0b21926b649b61a0136b1be36e00ffba22ee3aee0e7fe80e4ef2b1d8
SSDEEP
1536:UNCFjHGRe8bsyURspYNQqheWXjqwTKlRq/Gw/C0gtdwHoLs1oSZ:UOHGe8pkQqYOalRq54td68
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1c7804cec44a7664a987821266bac82ce6c49fd72e3265d45b6fa21a61b7471c
Files
1c7804cec44a7664a987821266bac82ce6c49fd72e3265d45b6fa21a61b7471c.exe windows:4 windows x86 arch:x86
d06de75655d95ed405b1383ea7934d8e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
MultiByteToWideChar
GetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
GetModuleFileNameA
GetOEMCP
GetSystemDirectoryA
GetVersionExA
CloseHandle
GetTempPathA
DeleteFileA
CreateThread
FlushFileBuffers
SetStdHandle
ReadFile
CreateProcessA
Sleep
WideCharToMultiByte
WriteFile
VirtualFree
WaitForSingleObject
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
GetFileSize
CreateFileA
GetCurrentThreadId
ExitProcess
GetACP
SetEndOfFile
GetCPInfo
InitializeCriticalSection
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapCreate
lstrlenA
LocalFree
GetFileAttributesA
ExitThread
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
SetFilePointer
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
user32
PostThreadMessageA
advapi32
GetUserNameA
OpenSCManagerA
SetServiceStatus
ReportEventA
DeregisterEventSource
CreateServiceA
RegisterServiceCtrlHandlerA
ChangeServiceConfig2A
StartServiceCtrlDispatcherA
RegisterEventSourceA
CloseServiceHandle
OpenServiceA
shell32
ShellExecuteExA
ole32
OleRun
CoInitialize
CoCreateInstance
oleaut32
SysFreeString
VariantInit
VariantClear
SysStringLen
SysAllocString
GetErrorInfo
ws2_32
WSACleanup
gethostbyname
gethostname
inet_ntoa
WSAStartup
wininet
InternetOpenA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetReadFile
InternetCloseHandle
InternetConnectA
InternetQueryOptionA
Sections
.text Size: 80KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 176B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.shell Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ