4d28e010062eae4b0664a0878cc422ea

General

Target

4d28e010062eae4b0664a0878cc422ea
Size

15KB
MD5

4d28e010062eae4b0664a0878cc422ea
SHA1

c55735f127280cc583453e56268e13b427146c78
SHA256

c6e7eb19fd4137b1830c5f79001fd3d99c2090d1cb84afacfe08b0ea746a3d42
SHA512

7ac565085ac0e05565eec500539ff6c4709bb6b7f6a81494d66acbe8d3ba5cceb7776ab3a35742683298d5cf8166c7195224c6f3ee3671b96bc0d01ccf24be80
SSDEEP

192:lFNL56lC5KAg2C1P1bAC/Lzg0mISblmPGu1pxwv+GNd:lFhcAg2CFCw3m8Gu1piWGX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d28e010062eae4b0664a0878cc422ea

Files

4d28e010062eae4b0664a0878cc422ea
.dll windows:4 windows x86 arch:x86

b3da55ae099facacaaf11a231eb4d441

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
CreateFileA
WriteFile
OpenEventA
Sleep
GetFileSize
ReadFile
GetModuleFileNameA
VirtualProtectEx
ReadProcessMemory
GlobalFree
GlobalLock
GetModuleHandleA
GetCurrentProcessId
CreateThread
GetCurrentProcess
CreateEventA
SetThreadPriority
OutputDebugStringA
GetCurrentThread
FreeLibrary
GlobalUnlock
GetComputerNameA
GetProcAddress
OpenProcess
VirtualAllocEx
WriteProcessMemory
VirtualFreeEx
CreateRemoteThread
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
VirtualFree
GlobalAlloc
VirtualAlloc

user32

GetWindowTextA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
GetCursor
GetDC
GetDCEx
GetDesktopWindow
GetWindowThreadProcessId
FindWindowA
wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

gdi32

CancelDC
Chord
GetBkMode
GetBkColor

advapi32

RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 950B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3da55ae099facacaaf11a231eb4d441

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

wininet

Sections

.text Size: 12KB - Virtual size: 12KB

sdata Size: 512B - Virtual size: 260B

.reloc Size: 1024B - Virtual size: 950B

.text
Size: 12KB - Virtual size: 12KB

sdata
Size: 512B - Virtual size: 260B

.reloc
Size: 1024B - Virtual size: 950B