2025-02-03_010b6dde15074e36899e0f993d9fa95f_spora

Sharing

Copy URL

Twitter E-mail

General

Target

2025-02-03_010b6dde15074e36899e0f993d9fa95f_spora
Size

257KB
MD5

010b6dde15074e36899e0f993d9fa95f
SHA1

3af04c3ecfa3a0f169bdd55db8dddb4306c7f3d7
SHA256

2a5d33e724d715d97068198a65e20d1a6967ca2f5293711f5f23187501685fbd
SHA512

bc7e24026689901b42ae478831ce4bde9520fa7b453034fe882fc30e53101a624a0cfe68f779196dc299e433eed46e160a2e1c60e7bd742e80abf01b0cd0e21d
SSDEEP

6144:Zw5s4w5sIMsZwtI9K72UIETOhiJq2EKKbOEWVZ9UuCUrbJ+RX6:a5sd5sIM/Xm0g2Erju9UgrbME

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2025-02-03_010b6dde15074e36899e0f993d9fa95f_spora

Files

2025-02-03_010b6dde15074e36899e0f993d9fa95f_spora
.exe windows:4 windows x86 arch:x86

187726ad23f4496ae07e663ddd798a86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragQueryFileW
ShellAboutA
DuplicateIcon
PathIsSlowA
SHGetDataFromIDListW
SHGetFileInfoA
SHGetSettings
StrStrW
SHCreateDirectoryExA
ExtractIconA
StrChrA
IsNetDrive
StrRChrA

user32

MapVirtualKeyA
GetClassInfoA
LoadStringA
CreateDesktopW
SetCursorPos
IsCharLowerA
CharToOemW
CreateDialogParamA
PostMessageA
GetMessageA
CreateWindowExW

wtsapi32

WTSCloseServer
WTSVirtualChannelClose
WTSQuerySessionInformationW
WTSQueryUserToken
WTSVirtualChannelPurgeOutput
WTSSetSessionInformationW
WTSEnumerateServersW
WTSSendMessageW
WTSVirtualChannelOpen
WTSVirtualChannelRead
WTSOpenServerW

kernel32

OpenProcess
GetShortPathNameA
GetLogicalDriveStringsW
GetCommandLineW
UpdateResourceA
MoveFileExW
CompareStringW
OpenJobObjectW
SystemTimeToFileTime
TlsGetValue
CreateMailslotA
FindAtomA
CopyFileA
SetCurrentDirectoryA
GetModuleHandleA
CreateFileA
WaitForSingleObject
WriteConsoleA
GetNumberFormatW
CreateJobObjectA
GetSystemTime
GetCurrentProcess
GetCurrentThreadId
CreateDirectoryA
FindClose
GetPrivateProfileStringW
lstrcmpi
GetFullPathNameA
WriteProcessMemory
GetEnvironmentStringsA
GetDateFormatA
GetProcAddress
GetVolumeInformationA
CreateMutexW
GetStringTypeW

clbcatq

SetSetupSave
DowngradeAPL
ComPlusMigrate
SetSetupOpen

nddeapi

NDdeShareEnumA
NDdeShareSetInfoA
NDdeShareDelA
NDdeShareAddA

Exports

Exports

m
uko

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

187726ad23f4496ae07e663ddd798a86

Headers

File Characteristics

Imports

shell32

user32

wtsapi32

kernel32

clbcatq

nddeapi

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 220KB - Virtual size: 217KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 220KB - Virtual size: 217KB