e:\6.26\myServer\release\myServer.pdb
Static task
static1
Behavioral task
behavioral1
Sample
db1bd817356196d05d7bab533ef4a247966b09cb82cc34c9ca7979895d7c5dff.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
db1bd817356196d05d7bab533ef4a247966b09cb82cc34c9ca7979895d7c5dff.exe
Resource
win10v2004-20240802-en
General
Target: db1bd817356196d05d7bab533ef4a247966b09cb82cc34c9ca7979895d7c5dff
Size: 432KB
MD5: f90ad484a592f568d25504196dd47556
SHA1: eefa8d8626ef895d426ae37af7f49eb1ef45b8c4
SHA256: db1bd817356196d05d7bab533ef4a247966b09cb82cc34c9ca7979895d7c5dff
SHA512: 2902a8083dd5c9cf8ef7b29c9a8b92658388228f1c6ea320d896bb5e51598c665506a41e69bbd9d83594d7d4c89cceb081328807a0c9f7cb3da55113d0cfb713
SSDEEP: 1536:9Ccgydge8bsmURZnaM/CeWXjqwTKlRq/Gw/C0gtd:mXe8izxOalRq54td
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource db1bd817356196d05d7bab533ef4a247966b09cb82cc34c9ca7979895d7c5dff
Files
db1bd817356196d05d7bab533ef4a247966b09cb82cc34c9ca7979895d7c5dff.exe windows:4 windows x86 arch:x86
d06de75655d95ed405b1383ea7934d8e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
MultiByteToWideChar
GetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
GetModuleFileNameA
GetOEMCP
GetSystemDirectoryA
GetVersionExA
CloseHandle
GetTempPathA
DeleteFileA
CreateThread
FlushFileBuffers
SetStdHandle
ReadFile
CreateProcessA
Sleep
WideCharToMultiByte
WriteFile
VirtualFree
WaitForSingleObject
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
GetFileSize
CreateFileA
GetCurrentThreadId
ExitProcess
GetACP
SetEndOfFile
GetCPInfo
InitializeCriticalSection
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapCreate
lstrlenA
LocalFree
GetFileAttributesA
ExitThread
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
RtlUnwind
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
SetFilePointer
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapSize
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
user32
PostThreadMessageA
advapi32
GetUserNameA
OpenSCManagerA
SetServiceStatus
ReportEventA
DeregisterEventSource
CreateServiceA
RegisterServiceCtrlHandlerA
ChangeServiceConfig2A
StartServiceCtrlDispatcherA
RegisterEventSourceA
CloseServiceHandle
OpenServiceA
shell32
ShellExecuteExA
ole32
OleRun
CoInitialize
CoCreateInstance
oleaut32
SysFreeString
VariantInit
VariantClear
SysStringLen
SysAllocString
GetErrorInfo
ws2_32
WSACleanup
gethostbyname
gethostname
inet_ntoa
WSAStartup
wininet
InternetOpenA
HttpSendRequestA
HttpAddRequestHeadersA
HttpOpenRequestA
InternetReadFile
InternetCloseHandle
InternetConnectA
InternetQueryOptionA
Sections
.text Size: 80KB - Virtual size: 78KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 176B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.shell Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ