c0c143cd42396a59a3957173fbb916082eae17f8bdef2a9ecb79a3926f9cb5dd

Sharing

Copy URL Twitter E-mail

General

Target

c0c143cd42396a59a3957173fbb916082eae17f8bdef2a9ecb79a3926f9cb5dd
Size

18KB
MD5

1111cb2a788c66b5138bd2531be76909
SHA1

f9eae2c740408076c7726837b31aa707794ed9c7
SHA256

c0c143cd42396a59a3957173fbb916082eae17f8bdef2a9ecb79a3926f9cb5dd
SHA512

f3a682474bba5d1ddf2f2855e17d74efff4944ed4c2c4e0b8ead6cd0f5109db8b00abab26304fb23ef4d0bd3207d3e87d90ab97db353a3471fbd34652f0cc092
SSDEEP

384:vviTWTbWDHjvHyHeWuthiKz23erGTem2PQj7Yv4daWWmx2WS:vv+vStrOrs2PQjhK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0c143cd42396a59a3957173fbb916082eae17f8bdef2a9ecb79a3926f9cb5dd

Files

c0c143cd42396a59a3957173fbb916082eae17f8bdef2a9ecb79a3926f9cb5dd
.dll windows x86

919d08d8e3ef0e754bc83cbc3bbf0450

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
memmove

user32

LoadStringW

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CloseHandle
CreateMutexW
DisableThreadLibraryCalls
ReleaseMutex
WaitForSingleObject
LocalAlloc
LocalFree
lstrcpyW
lstrlenW
GetWindowsDirectoryW
GlobalFree
GlobalUnlock
lstrcmpiW
lstrlenA
GlobalHandle
lstrcatW
GlobalLock
GlobalAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCurrentProcess

advapi32

RegOpenKeyW
RegQueryValueExW
RegCloseKey

winmm

midiOutReset
mmioRead
mmioSeek
midiStreamOut
midiStreamProperty
midiStreamPause
DefDriverProc
mmioClose
mmioAscend
mmioDescend
mmioOpenW
midiOutMessage
midiOutGetDevCapsW
DriverCallback
midiOutClose
midiOutOpen
midiStreamOpen
midiOutUnprepareHeader
midiOutPrepareHeader
midiStreamClose
midiStreamPosition
midiOutSetVolume
midiOutShortMsg
midiOutLongMsg
midiOutCacheDrumPatches
midiOutCachePatches
midiStreamStop
midiStreamRestart

Exports

Exports

DriverProc
modMessage
modmCallback

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

919d08d8e3ef0e754bc83cbc3bbf0450

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

kernel32

advapi32

winmm

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB