Static task: static1
Behavioral task: behavioral1
Sample: 4debc6143cb07862772a847aff791ca30b789f24bb83f857d3757eafbb428d8a.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 4debc6143cb07862772a847aff791ca30b789f24bb83f857d3757eafbb428d8a.exe
Resource: win10v2004-20240802-en
General
Target: 4debc6143cb07862772a847aff791ca30b789f24bb83f857d3757eafbb428d8a
Size: 388KB
MD5: 7394ecefec19a8f2d19b7703894b61e8
SHA1: 6a00d23703633715338c624edaed3d7ea3e70774
SHA256: 4debc6143cb07862772a847aff791ca30b789f24bb83f857d3757eafbb428d8a
SHA512: 569d71fddbd547d039cc1c65d9cb2634af392aa6ee2874fa4c3a44e54e81401ab45560f1a891a10297cd4f58e1e3b7bf5d10decc2789f2a3ccf36059bca29f92
SSDEEP: 768:BvqLdcOnJCSyHk1VzbKNa+JlvzkD3zRMSI9gtMNFwGrrVOqtnXMGyZEPxTWoGMvB:JKT4YVeNauvzKNdtMNFwGTtxdWTM3Wk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4debc6143cb07862772a847aff791ca30b789f24bb83f857d3757eafbb428d8a
Files
4debc6143cb07862772a847aff791ca30b789f24bb83f857d3757eafbb428d8a.exe windows:4 windows x86 arch:x86
f600c389874e13542ab108ced755a629
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
HeapReAlloc
VirtualAlloc
SetFilePointer
SetStdHandle
GetCommandLineA
GetVersion
ExitProcess
FlushFileBuffers
WriteFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
CloseHandle
ws2_32
WSAStartup
socket
WSAGetLastError
htons
inet_addr
gethostbyname
connect
recv
send
closesocket
WSACleanup
Sections
.text Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.shell Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ