84af2c3685ce19c8443def7bbea0d8dfb1a46b0a2c4955403e582edd209fc44d

Sharing

Copy URL Twitter E-mail

General

Target

84af2c3685ce19c8443def7bbea0d8dfb1a46b0a2c4955403e582edd209fc44d
Size

524KB
MD5

30a19ebce6c2ddb7e00d4f0b5244fbe4
SHA1

6534e362ae0edbd30b6b81b2796a081d617ce7f8
SHA256

84af2c3685ce19c8443def7bbea0d8dfb1a46b0a2c4955403e582edd209fc44d
SHA512

658440f33b7c6bda4e4b5370c75215516ef9585859df3470ae0e5c7c38f52d8bc8797e0dc147073107953439e2bdd6b816f28c3074d60088094807b2b5beaaae
SSDEEP

1536:9U3jbbrjZkTAi9MfS80ZUwPXPoFmG1HK0ecH2GMYtS1+ngjnj7BQVqXz/F18et+P:9IPHi9Uj0ZUw/PoJzeIfNtS15hrTTzr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84af2c3685ce19c8443def7bbea0d8dfb1a46b0a2c4955403e582edd209fc44d

Files

84af2c3685ce19c8443def7bbea0d8dfb1a46b0a2c4955403e582edd209fc44d
.exe windows:4 windows x86 arch:x86

26997065aade6a22664a5710cd562dc3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetLastError
FileTimeToLocalFileTime
lstrcpynA
SetErrorMode
GetTempPathA
MoveFileA
VirtualFree
VirtualAlloc
LocalAlloc
LocalFree
Sleep
CloseHandle
WaitForSingleObject
CreateThread
WinExec
CopyFileA
CreateProcessA
FileTimeToSystemTime
GetProcAddress
ReadFile
SetFilePointer
GetFileSize
SystemTimeToFileTime
GetLocalTime
GetSystemTime
GetFileInformationByHandle
GetFileType
MapViewOfFile
CreateFileMappingA
CreateFileA
DuplicateHandle
GetCurrentProcess
WriteFile
UnmapViewOfFile
FindClose
FindNextFileA
FindFirstFileA
LoadLibraryA
lstrlenA
FileTimeToDosDateTime
lstrcpyA
CompareStringW
CompareStringA
SetEndOfFile
SetEnvironmentVariableA
LCMapStringW
LCMapStringA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetTimeZoneInformation
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
HeapReAlloc
IsBadWritePtr

ws2_32

htonl
ntohs
send
recv
select
inet_addr
socket
ioctlsocket
connect
htons

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shell
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26997065aade6a22664a5710cd562dc3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 24KB

.rsrc Size: 100KB - Virtual size: 98KB

.shell Size: 320KB - Virtual size: 320KB

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 24KB

.rsrc
Size: 100KB - Virtual size: 98KB

.shell
Size: 320KB - Virtual size: 320KB