b3b65c79214643bfdf47d560f9a4a3bb046977771d48424c5a7ce090a1a7c09aN

Sharing

Copy URL Twitter E-mail

General

Target

b3b65c79214643bfdf47d560f9a4a3bb046977771d48424c5a7ce090a1a7c09aN
Size

176KB
MD5

217e5fa225f0821aeed2a0b0f0be21b0
SHA1

f7c0b814a20159b43cda35907db6a38a218193b9
SHA256

b3b65c79214643bfdf47d560f9a4a3bb046977771d48424c5a7ce090a1a7c09a
SHA512

b26a43d58ceae73f3ead187f47650777715185e83919d502972739e6fac11d0ce424b8178ab48504d94b8ddd243b22539730dd7bf5d7c1f66a3b05f5fab8008b
SSDEEP

1536:699OsTKuwz7ZQOHVqlz6zJfQ9G5CghxizhDRDJE8QsE:psT2VHswzBQ9WCgrqDJE8QsE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b3b65c79214643bfdf47d560f9a4a3bb046977771d48424c5a7ce090a1a7c09aN

Files

b3b65c79214643bfdf47d560f9a4a3bb046977771d48424c5a7ce090a1a7c09aN
.exe windows:4 windows x86 arch:x86

2e9d1ee076241e38de8158d4de7766aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
_iob
_except_handler3
exit
_adjust_fdiv
__p__fmode
__p__commode
__getmainargs
__setusermatherr
_initterm
_exit
__p___initenv
_XcptFilter
_onexit
__dllonexit
strrchr
wcslen
wcsncmp
strerror
wcscpy
modf
strspn
__p__wenviron
realloc
__p__environ
free
_errno
strncpy
strncmp
strstr
perror
_ftol
fopen
fflush
fclose
qsort
malloc
calloc
sprintf
_isctype
printf
atoi
__mb_cur_max
_pctype
strchr
fprintf
_strdup

kernel32

WriteFile
LocalFree
WaitForSingleObject
DuplicateHandle
GetProcAddress
GetVersionExA
LoadLibraryA
GetExitCodeProcess
LeaveCriticalSection
SetEvent
TerminateProcess
EnterCriticalSection
DeleteCriticalSection
ReleaseMutex
CreateMutexA
InitializeCriticalSection
GetFileInformationByHandle
GetFileType
GetOverlappedResult
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
GlobalFree
GetCommandLineW
TlsAlloc
TlsFree
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetTimeZoneInformation
FileTimeToLocalFileTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
Sleep
FormatMessageA
GetLastError
PeekNamedPipe
CreateFileA
CreateFileW
GetCurrentProcess
SetHandleInformation
CloseHandle
SetStdHandle
GetStdHandle
SetFilePointer
CreateEventA
ReadFile

advapi32

FreeSid
AllocateAndInitializeSid

wsock32

ioctlsocket
gethostbyname
ntohl
htons
setsockopt
closesocket
socket
getsockopt
connect
select
WSAStartup
WSAGetLastError
__WSAFDIsSet
WSACleanup
inet_ntoa

ws2_32

WSARecv
WSASend

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2e9d1ee076241e38de8158d4de7766aa

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

wsock32

ws2_32

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 116KB - Virtual size: 116KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 116KB - Virtual size: 116KB