0782999497610888a8746e50eb31396b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0782999497610888a8746e50eb31396b
Size

32KB
MD5

0782999497610888a8746e50eb31396b
SHA1

ad07bf0c08ae26f12d3f749106e4f04d536eea23
SHA256

e12f0bcf84b8a8c18b053e37e36c0ccaa2e47879a1f2e8b7b6909f4add7f56e2
SHA512

eedf4e650df7fa138beb3c2bee8a4f16779bae7f2894414d6c8e38e3afa37b219a9bc128458be39864e93af1ff4d84f4a7931a6e52faba922129b182a1e0b10d
SSDEEP

384:FQqBuTA/nSimiy8JrilcbV7WfJlvx8lvj1VpJ6Zj2v3sqr3GwFoW16kXRiwXNyCU:FU6nSirJO2pM8B196ZqvRFoEXRfNNG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0782999497610888a8746e50eb31396b

Files

0782999497610888a8746e50eb31396b
.dll windows:4 windows x86 arch:x86

6294739ec7dfdddf753622f346e24054

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
GetFileSize
CreateFileA
WritePrivateProfileStringA
SetFilePointer
GetProcAddress
OutputDebugStringA
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
GetLastError
WideCharToMultiByte
OpenProcess
VirtualQueryEx
ReadProcessMemory
GetFileAttributesW
CloseHandle
GetTempPathA
GetPrivateProfileStringA
Sleep
LoadLibraryA

user32

wsprintfA
GetClassNameW
GetWindow

msvcrt

memset
malloc
strcat
sprintf
strlen
??3@YAXPAX@Z
wcscmp
??2@YAPAXI@Z
mbstowcs
_stricmp
strstr
strrchr
strncpy
_except_handler3
wcslen
wcsncat
wcscpy
wcsstr
exit
printf
memcpy
_local_unwind2
_vsnprintf
free
_strcmpi
_strupr
strcpy

wininet

InternetCloseHandle

gdi32

SelectObject
BitBlt
DeleteDC
CreateDCA
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
DeleteObject

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ