4883cc044b535ed8653c89d095d73410 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4883cc044b535ed8653c89d095d73410
Size

17KB
MD5

4883cc044b535ed8653c89d095d73410
SHA1

6379339560934eebbfaafb2fc646e2db8ab3059c
SHA256

14c8c9a21bdced71342f417940f920fb3f99b0fcc37cd51603e61b252e8dd472
SHA512

f801590fe14a389c1cee22ab2b4d8e08f8981923260f6744729b0957b0d6c660910bd7f3a10e1ccc246d790b53c7f83c3fc2754e0efc1d87d29c21b632668dd2
SSDEEP

384:EXBHo7xX9iGgOa7Pfp+/BRiBZWG5VL3ArCQB/+k7OUXiTP:EC7TiGgH7PR8BnKVL3Y+k7DX+P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4883cc044b535ed8653c89d095d73410

Files

4883cc044b535ed8653c89d095d73410
.dll windows:4 windows x86 arch:x86

fedfc33dcac1807d8e26bf3a6cf34097

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateThread
SetThreadPriority
CreateThread
GetModuleFileNameA
DisableThreadLibraryCalls
EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryA
CompareStringW
CreateProcessA
WriteFile
GetTempPathA
GetLocalTime
VirtualAlloc
VirtualFree
DeleteFileA
Sleep
CreateFileA
GetLastError
CloseHandle
LoadLibraryA
DebugBreakProcess
GetProcAddress

user32

GetDC
GetCursor

wininet

InternetReadFile
InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

gdi32

GetPixel

advapi32

OpenSCManagerA
CloseServiceHandle
ControlService
OpenServiceA
DeleteService

msvcrt

_except_handler3
sprintf
memcpy
strcat
strcpy
strrchr
strlen
memset

Exports

Exports

DriverProc
modMessage
modmCallback

Sections

hihreus
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ