d69fc83a2629b8486cc689be27439642b9ce99a26f535d25b77c8e063b026a44

Sharing

Copy URL Twitter E-mail

General

Target

d69fc83a2629b8486cc689be27439642b9ce99a26f535d25b77c8e063b026a44
Size

116KB
MD5

9d348883be7b5255d4353cb62f7a3505
SHA1

fabd361e864a270df37308d6c68bcef3866457c9
SHA256

d69fc83a2629b8486cc689be27439642b9ce99a26f535d25b77c8e063b026a44
SHA512

5ffa8e1e5aa647727d2af581bb062826628c10d962bd7742dc4b8b8072f14eca0957b4de1d5fea936b4148543b928c542bf249118e7cccfddd3d25c95d7b7d17
SSDEEP

1536:iEi8lYz9yKaOUT6+gNnOm63lUb38vwnsggCybGiRlDNCppgWs99rC3/oX:ialVKan6+gWlvwsx3RlDNCUWArIoX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d69fc83a2629b8486cc689be27439642b9ce99a26f535d25b77c8e063b026a44

Files

d69fc83a2629b8486cc689be27439642b9ce99a26f535d25b77c8e063b026a44
.exe windows:4 windows x86 arch:x86

48414efc67ba3db95f772561a7f2919d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WaitForSingleObject
CreateProcessA
ReadFile
MultiByteToWideChar
GetThreadLocale
WideCharToMultiByte
GlobalAlloc
GetModuleHandleA
GetVersionExA
GetProcAddress
FreeLibrary
FindFirstFileA
FindClose
DeleteFileA
GetModuleFileNameA
LoadLibraryA
CreateDirectoryA
GetWindowsDirectoryA
SetHandleInformation
CreatePipe
GetExitCodeProcess
HeapAlloc
GetLastError
GetACP
CompareStringA
CompareStringW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCPInfo
FreeEnvironmentStringsA
UnhandledExceptionFilter
FreeEnvironmentStringsW
SetFilePointer
SetEndOfFile
GetFileAttributesA
GetStdHandle
SetHandleCount
SetStdHandle
GetStringTypeW
GetStringTypeA
WriteFile
GetOEMCP
VirtualFree
GetCurrentDirectoryA
GetFullPathNameA
GetTimeZoneInformation
MoveFileA
SetEnvironmentVariableW
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
LCMapStringW
LCMapStringA
FlushFileBuffers
SetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualAlloc
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
GetFileType
CreateFileA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion

user32

TranslateMessage
MessageBoxA
SetTimer
GetDC
wsprintfA
ReleaseDC
GetDesktopWindow
SetWindowPos
GetClientRect
PostQuitMessage
EndPaint
BeginPaint
DefWindowProcA
DispatchMessageA
CreateWindowExA
LoadCursorA
RegisterClassA
GetMessageA

gdi32

GetDeviceCaps
BitBlt
SelectObject
CreateCompatibleDC
DeleteDC
CreateDIBSection

advapi32

RegCloseKey
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA

wsock32

htons
WSAAsyncSelect
closesocket
WSAStartup
WSAGetLastError
send
connect
ioctlsocket
socket
bind
ntohs
accept
recv
listen
getsockname

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

48414efc67ba3db95f772561a7f2919d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wsock32

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 8KB - Virtual size: 6KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 8KB - Virtual size: 6KB