41394e84ad26055a9e18a0fb3d3ab8c8

General

Target

41394e84ad26055a9e18a0fb3d3ab8c8
Size

96KB
MD5

41394e84ad26055a9e18a0fb3d3ab8c8
SHA1

0b0e5e66d3da140948e478980cd2291e5560b2a1
SHA256

0c1c51d7e88c5b011ad23825bd91bc5caaeac6a21b62e6282e21f4e96e4761ee
SHA512

2ba8a0a04f0e40ba44dceb114c2b236fcc3dce75e3fcb960c4c8f54c0728d9f0b565542d8b3f48e83c1240068765ab7299a4b887046fc7cd8ab96cb445ee7509
SSDEEP

1536:X5jienzRdzsfBW+YtpqFKIlBF601559BHP9OtCCGoc:X5jtn78ZYLqblBFp15bBsGoc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41394e84ad26055a9e18a0fb3d3ab8c8

Files

41394e84ad26055a9e18a0fb3d3ab8c8
.dll windows:4 windows x86 arch:x86

73be528003ba8538a5f7d51e4f53ed48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
Thread32Next
Thread32First
CreateToolhelp32Snapshot
GetCurrentProcessId
GetProcAddress
LoadLibraryA
ResumeThread
SetThreadContext
GetThreadContext
SuspendThread
GetCurrentThreadId
CreateThread
ReadProcessMemory
OpenProcess
VirtualProtect
VirtualAlloc
Sleep
FlushFileBuffers
GetCommandLineA
GetVersion
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
ExitProcess
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
IsBadWritePtr
IsBadReadPtr
HeapValidate
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapFree
VirtualFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
HeapAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetFilePointer
SetStdHandle

user32

SetWindowLongA
CallWindowProcA
FindWindowA
SendMessageA
GetWindowThreadProcessId
MessageBoxA

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73be528003ba8538a5f7d51e4f53ed48

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 21KB

.reloc Size: 8KB - Virtual size: 5KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 21KB

.reloc
Size: 8KB - Virtual size: 5KB