1dafa48978f45acac30ecab2770be617

Sharing

Copy URL

Twitter E-mail

General

Target

1dafa48978f45acac30ecab2770be617
Size

118KB
MD5

1dafa48978f45acac30ecab2770be617
SHA1

39998f33416d931385ee1056abd7137ba6b97199
SHA256

d56812795a164d0ba2c944f20bbecf5caf0f5064f72a43d13529fd123da22429
SHA512

7af0671474abff0811a18b0721906ecf08b12f37156a3162553b95b607501fb110e4cdb112dd8b7b2f8f4500d45dcef66f047b257e9796e530dd11a409198577
SSDEEP

1536:JfmSMqqU+2bbbAV2/S2k7NrJYhYOP9HL0Uv3Cse1iyjTyBD/eTgJcq9JocykTBl:JeSMqqDL2/kTYR9W1BJgJr9Jo7kBl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1dafa48978f45acac30ecab2770be617

Files

1dafa48978f45acac30ecab2770be617
.dll windows:4 windows x86 arch:x86

308c8d7f1030fdbd6b3d70edc6684e78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryA
lstrcpyA
FindClose
FindNextFileA
FindFirstFileA
lstrcpynA
ExpandEnvironmentStringsA
lstrcmpA
GetWindowsDirectoryA
ReleaseMutex
GetModuleHandleA
GetLastError
CreateMutexA
GetSystemTimeAsFileTime
lstrcatA
LeaveCriticalSection
Sleep
EnterCriticalSection
CreateThread
InitializeCriticalSection
DeleteCriticalSection
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
WinExec
CreateFileA
WriteFile
CloseHandle
GetFileTime
SetFileTime
lstrlenA
GetTickCount
GetSystemTime
FlushFileBuffers
GetStringTypeW
GetStringTypeA
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
VirtualFree
VirtualAlloc
IsBadWritePtr
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
MultiByteToWideChar
LCMapStringA
LCMapStringW
RaiseException

user32

wsprintfA

advapi32

RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

shlwapi

PathFileExistsA
PathIsDirectoryA

wininet

InternetCloseHandle
HttpOpenRequestA
InternetConnectA
InternetSetOptionA
InternetOpenA
InternetReadFile
HttpSendRequestA

Exports

Exports

Func
_DllMain@12
regReadString
regWriteString

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shrd
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

308c8d7f1030fdbd6b3d70edc6684e78

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 109KB

shrd Size: 512B - Virtual size: 6B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 109KB - Virtual size: 109KB

shrd
Size: 512B - Virtual size: 6B

.reloc
Size: 6KB - Virtual size: 6KB