6e648579d1f313c75fd2fb7cb3e76990N

Sharing

Copy URL Twitter E-mail

General

Target

6e648579d1f313c75fd2fb7cb3e76990N
Size

124KB
MD5

6e648579d1f313c75fd2fb7cb3e76990
SHA1

282218774d762ac845f56c3f9253bd9ca544dd91
SHA256

e29a311b5050e069f3ac5198a402491cd0cbba27a313e89d99283579c5edaf85
SHA512

2cb4d58511e5b8e1d8a61649eb1c4461c1b953dcda5cfbaebe4c9af7399091bbb7eb3ac9f3ecf46d4e9c6d8b477473655c4e57dba8e25219539433c243f30815
SSDEEP

1536:05RN19H86jToISl2UtJaiejP1T8HpBeL50yX5LugLNviUVQD48iV5x9ZGUUvYx8J:Ai/QQjeL50yX5Lu4Np845zxdYYz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e648579d1f313c75fd2fb7cb3e76990N

Files

6e648579d1f313c75fd2fb7cb3e76990N
.exe windows:4 windows x86 arch:x86

aaabdb0b1d057b2e282f353b3720fdf4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
ExitProcess
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
OutputDebugStringA
WaitForSingleObject
SetFilePointer
WriteFile
CreateFileA
LockResource
FindResourceA
CreateThread
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
GetFileAttributesA
GetModuleHandleA
GetLastError
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
CreateProcessA
TerminateProcess
ExitThread
lstrcmpA
Sleep
GetLocalTime
WinExec
LoadLibraryA
EnumResourceNamesA
GetProcAddress
GetStartupInfoA

user32

GetDesktopWindow
wsprintfA

advapi32

RegOpenKeyExA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
StartServiceCtrlDispatcherA

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA

ws2_32

send
select
__WSAFDIsSet
closesocket
setsockopt
WSAIoctl
socket
gethostname
gethostbyname
WSACleanup
WSAStartup
inet_ntoa
recv
htonl
connect
inet_addr
sendto
htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

msvcrt

__CxxFrameHandler
strcmp
??2@YAPAXI@Z
_onexit
__dllonexit
_controlfp
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
strchr
rand
realloc
malloc
strlen
sprintf
memset
memcpy
atoi
strncpy
strcspn
strstr
strcpy
_except_handler3
_CxxThrowException
localtime
time
exit
strcat
strncmp
free

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cezsgzw
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aaabdb0b1d057b2e282f353b3720fdf4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

shlwapi

iphlpapi

msvcrt

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 44KB - Virtual size: 44KB

cezsgzw Size: 32KB - Virtual size: 32KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 44KB - Virtual size: 44KB

cezsgzw
Size: 32KB - Virtual size: 32KB