2025-01-12_ad77c16a3697608fde5b39b6f86777b9_spora

Sharing

Copy URL

Twitter E-mail

General

Target

2025-01-12_ad77c16a3697608fde5b39b6f86777b9_spora
Size

254KB
MD5

ad77c16a3697608fde5b39b6f86777b9
SHA1

a74e168985586d4e355c03737731c428f6db1bba
SHA256

6103efac80cb749f4df1e276a3fa61409ae99cb866f63939c328c24647d62806
SHA512

e424176cbd4e098893bd7fb175ec0ba471a0158e613cad653fc4fa81b863688a7803a0888b2cbda7ee73f986f94db7fe312d90d6ad258a7c83ada9aebffd2d0b
SSDEEP

6144:n2czw5sIMsZwtI9K72UIETOhiJq2EKKbOEWVZ9UuCUrbJ+RX5:q5sIM/Xm0g2Erju9UgrbM3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-01-12_ad77c16a3697608fde5b39b6f86777b9_spora

Files

2025-01-12_ad77c16a3697608fde5b39b6f86777b9_spora
.exe windows:4 windows x86 arch:x86

b21206c495b520afb5a6d17f3b718582

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileW
ShellAboutW
DuplicateIcon
PathIsSlowA
SHGetDataFromIDListA
SHGetFileInfoA
SHGetSettings
StrStrA
SHCreateDirectoryExA
ExtractIconA
StrChrA
IsNetDrive
StrRChrA

user32

MapVirtualKeyA
GetClassInfoA
LoadStringA
CreateDesktopW
SetCursorPos
IsCharLowerA
CharToOemW
CreateDialogParamA
PostMessageA
GetMessageA
CreateWindowExW

wtsapi32

WTSCloseServer
WTSVirtualChannelClose
WTSQuerySessionInformationW
WTSQueryUserToken
WTSVirtualChannelPurgeOutput
WTSSetSessionInformationW
WTSEnumerateServersA
WTSSendMessageW
WTSVirtualChannelOpen
WTSVirtualChannelRead
WTSOpenServerW

kernel32

OpenProcess
GetShortPathNameW
GetLogicalDriveStringsW
GetCommandLineW
UpdateResourceA
MoveFileExA
CompareStringW
OpenJobObjectW
SystemTimeToFileTime
TlsGetValue
CreateMailslotA
FindAtomA
CopyFileA
SetCurrentDirectoryA
GetModuleHandleA
CreateFileA
WaitForSingleObject
WriteConsoleA
GetNumberFormatW
CreateJobObjectA
GetSystemTime
GetCurrentProcess
GetCurrentThreadId
CreateDirectoryA
FindClose
GetPrivateProfileStringW
lstrcmpi
GetFullPathNameA
WriteProcessMemory
GetEnvironmentStringsA
GetDateFormatA
GetProcAddress
GetVolumeInformationA
CreateMutexW
GetStringTypeW

clusapi

ClusterEnum
CloseClusterGroup
CloseClusterNode
ClusterControl

nddeapi

NDdeShareEnumA
NDdeShareSetInfoA
NDdeShareDelA
NDdeShareAddA

Exports

Exports

m
uko

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b21206c495b520afb5a6d17f3b718582

Headers

File Characteristics

Imports

shell32

user32

wtsapi32

kernel32

clusapi

nddeapi

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 220KB - Virtual size: 217KB

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 220KB - Virtual size: 217KB