Static task
static1
Behavioral task
behavioral1
Sample
0154dcdae7c78601288a23b84e447e9b65e5717543ee937a1fd774799d725ac1N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0154dcdae7c78601288a23b84e447e9b65e5717543ee937a1fd774799d725ac1N.exe
Resource
win10v2004-20240910-en
General
Target
0154dcdae7c78601288a23b84e447e9b65e5717543ee937a1fd774799d725ac1N
Size
176KB
MD5
eb5ce2f65d266eae8d54afabff5a1c10
SHA1
d818987450590d6bb5d71ad8349797286e55b508
SHA256
0154dcdae7c78601288a23b84e447e9b65e5717543ee937a1fd774799d725ac1
SHA512
c98607045f1120017bb358661b5c8da9a8e1463d35dd1e86e2777d5bc79b8740067f088c23b49ed2da4d5a17559b66b6cebb948e2b6768b96bef1b4521d08c60
SSDEEP
1536:yW1QimsLWNfSqm4BiZdLnkdjs0D2zdskMxJq5FzE6SlV5:7QfLNVrBEpkxvD2zilz+glj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0154dcdae7c78601288a23b84e447e9b65e5717543ee937a1fd774799d725ac1N
Files
0154dcdae7c78601288a23b84e447e9b65e5717543ee937a1fd774799d725ac1N.exe windows:4 windows x86 arch:x86
b169b5166093b85cd521ed8961638f0f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
SetStdHandle
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetConsoleCtrlHandler
RtlUnwind
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
HeapAlloc
HeapReAlloc
HeapFree
GetLastError
VirtualFree
VirtualAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
CloseHandle
ws2_32
ntohs
getservbyport
gethostbyaddr
gethostbyname
inet_addr
htons
getservbyname
htonl
inet_ntoa
WSASetLastError
WSAStartup
WSACleanup
socket
WSAGetLastError
connect
closesocket
send
shutdown
recv
Sections
.text Size: 140KB - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ