D:\projects\MailServer\Trunk\Release\Reply.pdb
Static task
static1
Behavioral task
behavioral1
Sample
442ad18950b02791d7dd74f7fe9821483eb996f12fd2c632f50ebc696298899dN.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
442ad18950b02791d7dd74f7fe9821483eb996f12fd2c632f50ebc696298899dN.exe
Resource
win10v2004-20240802-en
General
Target: 442ad18950b02791d7dd74f7fe9821483eb996f12fd2c632f50ebc696298899dN
Size: 283KB
MD5: ef38ce1db2b16e49b25ad41a0d359280
SHA1: f2f989c87c4f762e2ff9f6436007ab8063e85947
SHA256: 442ad18950b02791d7dd74f7fe9821483eb996f12fd2c632f50ebc696298899d
SHA512: edf07db65fb11f9ef4f0a5dc81d93fa12119a0d2ea3516acf7c1c9335974afacfd54115ce639443d9bca1c79e8a2b4c91dfd32d04113bf74020d9f11d1891e40
SSDEEP: 6144:3ecvglwjcSgsZq59LtPXf7VhoJAE4zlwiLrTu1csu14tP:XYlwjcSgsZq59LtPDoKz7yG2tP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 442ad18950b02791d7dd74f7fe9821483eb996f12fd2c632f50ebc696298899dN
Files
442ad18950b02791d7dd74f7fe9821483eb996f12fd2c632f50ebc696298899dN.exe windows:6 windows x86 arch:x86
17dba82e53afde77584881c431c8963a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
HeapReAlloc
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FlushFileBuffers
GetStringTypeW
GetFileSizeEx
CreatePipe
WriteConsoleW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapFree
GetCommandLineW
GetCommandLineA
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
SetStdHandle
SetFilePointerEx
GetConsoleOutputCP
WriteFile
SetUnhandledExceptionFilter
GetLastError
GetCurrentThreadId
WaitForSingleObject
CloseHandle
GetExitCodeProcess
TerminateProcess
GetModuleFileNameA
CreateFileA
GetCurrentProcessId
GetCurrentProcess
DeleteFileA
LoadLibraryA
GetProcAddress
VirtualProtect
WriteProcessMemory
Sleep
SetEndOfFile
DeleteFileW
MultiByteToWideChar
GetFileAttributesExW
WideCharToMultiByte
FileTimeToLocalFileTime
FileTimeToSystemTime
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetTickCount64
TryEnterCriticalSection
LeaveCriticalSection
CreateMutexA
ReleaseMutex
FindClose
VerSetConditionMask
VerifyVersionInfoA
FindFirstFileExW
FindNextFileW
GetSystemDirectoryA
FreeLibrary
GetModuleHandleA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
DuplicateHandle
CreateProcessW
GetTimeZoneInformation
CreateFileW
GetFileType
ReadFile
GetConsoleMode
ReadConsoleW
DecodePointer
dbghelp
MiniDumpWriteDump
ws2_32
getnameinfo
select
socket
sendto
send
shutdown
recv
listen
connect
closesocket
bind
accept
WSAAccept
WSASetLastError
gethostbyaddr
getservbyport
htonl
getservbyname
htons
gethostbyname
WSAGetLastError
WSAStartup
ntohs
WSACleanup
inet_ntoa
getaddrinfo
gethostname
inet_addr
Sections
.text Size: 212KB - Virtual size: 211KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ