044e03c0b9542506ccc8279076e7bc22

General

Target

044e03c0b9542506ccc8279076e7bc22
Size

21KB
MD5

044e03c0b9542506ccc8279076e7bc22
SHA1

df1175d1adc8a744c87263c31ce564757e8bb536
SHA256

dbebc6a4adc4a4bb0f1d9f879cdeb1e5953584bff4bdc62a33e5cd454220da5b
SHA512

e52697613fb8ce3dd2c1dc9c8d4eeb469bb9888276c09d7dee8803a3a8288a2a86a5af8d22f23d3d1b82118a62eca2ec94b3fc0efaa3bab37d0e3f8ce48071aa
SSDEEP

384:09UhXD2kI9jQaNF/E9n85dGDSOQ6dytdCaIp:CUhO9jNzc98HivFdCdxm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044e03c0b9542506ccc8279076e7bc22

Files

044e03c0b9542506ccc8279076e7bc22
.dll windows:4 windows x86 arch:x86

3aac83ee204bab8be27ccfe862e2304c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetModuleHandleA
AddVectoredExceptionHandler
InitializeCriticalSection
IsBadReadPtr
LeaveCriticalSection
EnterCriticalSection
VirtualProtect
FlushInstructionCache
GetCurrentProcess
Thread32Next
SetThreadContext
GetThreadContext
OpenThread
GetCurrentProcessId
Thread32First
CreateToolhelp32Snapshot
GetProcessHeap
HeapAlloc
OutputDebugStringA
CreateFileA
Process32Next
Process32First
TerminateProcess
OpenProcess
GetLastError
LoadLibraryA
OpenMutexA
GetVersion
Sleep
SetFilePointer
ReadFile
CloseHandle
GetFileSize
GetModuleFileNameA
CreateThread

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
memcpy
_except_handler3
strcat
strrchr
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strcmpi
strcpy
free
strncpy
memset
??3@YAXPAX@Z
malloc
strlen

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

user32

wsprintfA
wvsprintfA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3aac83ee204bab8be27ccfe862e2304c

Headers

File Characteristics

Imports

kernel32

msvcrt

wininet

advapi32

user32

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB