1042d8ccc939d39cdb67de56ce9f449b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1042d8ccc939d39cdb67de56ce9f449b
Size

19KB
MD5

1042d8ccc939d39cdb67de56ce9f449b
SHA1

83d2a3a181308600b553fdf1a6574f7e16ef6225
SHA256

e0aaef0a06af5c85e50f44a618a87e6c4efce736155359daca4aa195d0e34efb
SHA512

8af562780f0b3f8a49aaa1e1624e21d9663b6c3ed8737aca748cba808e4cd7ca1d374b6ef2b5a48cb00b044fbf524368663e91cd0db36e03eae3c8ae5c6f33e1
SSDEEP

192:cJI+0Wj3tDa1dHkIOess8CFKOFN4hzGXq4/J0n/eWloL+iInLBEgLUsY1qv3WyJK:cp3SL8OFakALC2Uno0bIwUr0tBy/30N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1042d8ccc939d39cdb67de56ce9f449b

Files

1042d8ccc939d39cdb67de56ce9f449b
.dll windows:4 windows x86 arch:x86

a103133f475cef3b06ec15c51be8810f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
lstrcatA
GetSystemDirectoryA
ExitProcess
lstrcpyA
lstrcmpA
Sleep
lstrlenA
lstrcmpiA
GetTickCount
lstrcpynA
WideCharToMultiByte
GetSystemTime
GetPrivateProfileStringA
CloseHandle
ReadFile
CreateFileA
GetModuleFileNameA
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

HttpQueryInfoA
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetReadFile
InternetCloseHandle

Exports

Exports

hkf
hkn

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ