a7c78bac365b1bc20a4235954ad05a3449b5bd6b26a1be4551c5d4c761820b19N

Sharing

Copy URL Twitter E-mail

General

Target

a7c78bac365b1bc20a4235954ad05a3449b5bd6b26a1be4551c5d4c761820b19N
Size

300KB
MD5

2414d0d86440bda352eb7e793ca8bd10
SHA1

00255da8878bd84b69bd2805fd398d380c7a5898
SHA256

a7c78bac365b1bc20a4235954ad05a3449b5bd6b26a1be4551c5d4c761820b19
SHA512

d150e921349e56cdc2e94268da902a531a2982d946a4986ec8f0cb43a3efb877e41111790aa927644fe036c905f754a0e724818eabd45aa19e3c9c007035cd2f
SSDEEP

3072:1poXKiyxPc6dILzSbQPlODMJKgfu5MkiuifAwlC1xTBfro9H6IGa5khoIWAv:QKiT6dqzSbQP4DMdmXgCXTBzocZLs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7c78bac365b1bc20a4235954ad05a3449b5bd6b26a1be4551c5d4c761820b19N

Files

a7c78bac365b1bc20a4235954ad05a3449b5bd6b26a1be4551c5d4c761820b19N
.dll windows:4 windows x86 arch:x86

187c44515b3ebbc0a4a396620388e8e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSASend
shutdown
listen
bind
htonl
htons
recv
socket
inet_addr
gethostbyname
connect
getsockname
send
closesocket
WSARecv
setsockopt
WSAIoctl
WSAStartup
WSACleanup
WSAEventSelect
WSASocketA
WSAGetLastError

kernel32

SetEvent
CreateEventA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
Sleep
DeleteCriticalSection
GetLastError
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
GetTimeZoneInformation
DeleteFileA
WriteFile
ReadFile
SetFilePointer
GetFileSize
GetCurrentProcessId
CreateFileA
GetVersion
TerminateProcess
GetVersionExA
GetCurrentProcess
FindClose
FindFirstFileA
GetProcessHeap
GetLocaleInfoA
ResetEvent
GetACP
GetCPInfo
HeapSize
GetStdHandle
HeapReAlloc
VirtualAlloc
VirtualFree
ExitProcess
GetOEMCP
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
RaiseException
CreateThread
ExitThread
RtlUnwind
IsValidCodePage
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetHandleCount
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CompareStringA
CompareStringW
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleA
GetModuleFileNameA
GetCurrentThreadId
OutputDebugStringA
GetSystemInfo
CreateIoCompletionPort
GetQueuedCompletionStatus
InterlockedDecrement
GetTickCount
InterlockedExchangeAdd
InterlockedIncrement
PostQueuedCompletionStatus
WaitForSingleObject
CloseHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
QueryPerformanceCounter
SetEnvironmentVariableA

user32

LoadCursorA
SetCursor

Exports

Exports

IAlloc

Sections

.text
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

187c44515b3ebbc0a4a396620388e8e7

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

Exports

Exports

Sections

.text Size: 208KB - Virtual size: 207KB

.rdata Size: 60KB - Virtual size: 59KB

.data Size: 16KB - Virtual size: 14KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 208KB - Virtual size: 207KB

.rdata
Size: 60KB - Virtual size: 59KB

.data
Size: 16KB - Virtual size: 14KB

.reloc
Size: 12KB - Virtual size: 9KB