ca7afc9616f73402712a5c08b588062e9b5af5a5600750bd5fc3a42d1828417fN

General

Target

ca7afc9616f73402712a5c08b588062e9b5af5a5600750bd5fc3a42d1828417fN
Size

35KB
MD5

d4a01775c0efb20b8d131a427daf0b50
SHA1

710049e6fc8e98ebc6b361963009b2597953a21a
SHA256

ca7afc9616f73402712a5c08b588062e9b5af5a5600750bd5fc3a42d1828417f
SHA512

bf7711bcc033e1b7c111092765a3cf98e720f72f6bd82297e161b8407237969319de553670c6a06d3153c4caff1ee1ab3260a1e61f82024564ac8ec072493e61
SSDEEP

768:+TmQRc4QtisKl4qJPisKl4qJIisKl4qJKisKl4qJ:KmQKtisKldJPisKldJIisKldJKisKldJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca7afc9616f73402712a5c08b588062e9b5af5a5600750bd5fc3a42d1828417fN

Files

ca7afc9616f73402712a5c08b588062e9b5af5a5600750bd5fc3a42d1828417fN
.exe windows:6 windows x64 arch:x64

4c5fe4454c4eea2a8207a9064507b2b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

hostname.pdb

Imports

kernel32

SetThreadUILanguage
GetLastError
HeapSetInformation
SetUnhandledExceptionFilter
LocalFree
FormatMessageA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleW
Sleep

msvcrt

?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_amsg_exit
_initterm
_cexit
_exit
_XcptFilter
__C_specific_handler
__getmainargs
exit
_setmode
_write
puts

user32

CharToOemBuffA

ws2_32

WSAStartup
gethostname

mswsock

s_perror

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

�*
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c5fe4454c4eea2a8207a9064507b2b9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcrt

user32

ws2_32

mswsock

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 512B - Virtual size: 216B

.rsrc Size: 2KB - Virtual size: 2KB

�* Size: 512B - Virtual size: 72B

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 512B - Virtual size: 216B

.rsrc
Size: 2KB - Virtual size: 2KB

�*
Size: 512B - Virtual size: 72B