3eed614f154c922d10fe4e04433a92d4

General

Target

3eed614f154c922d10fe4e04433a92d4
Size

28KB
MD5

3eed614f154c922d10fe4e04433a92d4
SHA1

10d468ed92e214a61b866db53a28525f4f885e8f
SHA256

ba3ff52d01f304c78c49b3a1336f85c9a4390ef947fb4186ca97c02701707f73
SHA512

55ced2cddd6af8bb4c8fdc97b1dc4c95be5de65cd26d32c3ef63c74a0e3b5a1955fb8e846c2e7efdf2b8bc4b30c7d97df18b21117b223f22751a22056914e43c
SSDEEP

768:Ga0syW6p9F5Vx5zuWWnR+nt9MBBQARQkufVZql:6Wu3Q+tmBBQARMq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3eed614f154c922d10fe4e04433a92d4

Files

3eed614f154c922d10fe4e04433a92d4
.dll windows:4 windows x86 arch:x86

e1597bd40b93e99ceb034117ae462e2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

closesocket
gethostname

ntdll

strstr
strlen
memcpy
memcmp
RtlZeroMemory
RtlUnwind

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA

kernel32

UnmapViewOfFile
VirtualProtectEx
MapViewOfFile
CreateFileMappingA
lstrcmpA
OutputDebugStringA
TerminateThread
Sleep
IsBadReadPtr
CloseHandle
CreateFileA
CreateProcessA
DeleteFileA
GetCurrentProcessId
GetExitCodeThread
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemDirectoryA
GetTempFileNameA
GetTempPathA
GlobalAlloc
GlobalFree
LoadLibraryA
MoveFileExA
ReadFile
VirtualAlloc
VirtualFree
CreateThread
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

user32

SetWindowsHookExA
SendMessageA
RegisterWindowMessageA
KillTimer
GetWindowThreadProcessId
UnhookWindowsHookEx
FindWindowA
CallNextHookEx
SetTimer
wsprintfA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

ole32

StringFromGUID2

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1014B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1597bd40b93e99ceb034117ae462e2a

Headers

File Characteristics

Imports

ws2_32

ntdll

wininet

kernel32

user32

advapi32

ole32

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 1014B

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 1014B