4bd552fbb2cd19b226833f203987861d

Sharing

Copy URL

Twitter E-mail

General

Target

4bd552fbb2cd19b226833f203987861d
Size

14KB
MD5

4bd552fbb2cd19b226833f203987861d
SHA1

ed6151bcd2bca92d73df48d8ddc753093220109f
SHA256

eb049873fc6ed9af99ff3b109dacfd98b4b5bd2f663709d442c03a34481158c0
SHA512

4cc5f43430ca5bedf71d61143a362d8aa2180f37334a326c0c2b73aef925a338b7fda032275e7e2e4491fbec7ceacbc26e9c16c892c7fd90d62b27f2b89b0ef8
SSDEEP

192:R7BDYAk6oVnbbQbSIjwETKZQIfNN86IfNB8VWltF6Oyfqk:5BDYAkQ+UwEMQj69VWliZy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bd552fbb2cd19b226833f203987861d

Files

4bd552fbb2cd19b226833f203987861d
.dll windows:4 windows x86 arch:x86

ece472082a6a7ae4b9bfd1c4a5564b72

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetFileSize
GlobalAlloc
GlobalLock
CreateFileA
Sleep
WriteFile
GlobalUnlock
GlobalFree
MultiByteToWideChar
LoadLibraryA
GetProcAddress
CloseHandle
OutputDebugStringA
GetSystemDirectoryA

user32

IsWindowVisible
GetDC
GetWindowTextA
ReleaseDC
GetWindowRect
GetDesktopWindow
GetParent
EnumWindows
GetWindowThreadProcessId

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
BitBlt
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
DeleteDC
GetDeviceCaps
CreateDCA
SelectObject

ws2_32

inet_ntoa
WSACleanup
inet_addr
gethostbyname
connect
send
recv
closesocket
WSAStartup
htons
socket

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

gdiplus

GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdipLoadImageFromFile
GdipSaveImageToFile

msvcrt

memset
memcpy
strchr
free
_initterm
_adjust_fdiv
fopen
fread
fclose
_getpid
strcat
malloc
wcscmp
strstr
strlen
strcpy
_beginthreadex
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf

Exports

Exports

KsCreateAllocator
KsCreateClock
KsCreatePin
KsCreateTopologyNode

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ece472082a6a7ae4b9bfd1c4a5564b72

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

wininet

gdiplus

msvcrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB