04ab9177e9559ddb067da01e13d459fe | Triage

Sharing

General

Target

04ab9177e9559ddb067da01e13d459fe
Size

11KB
MD5

04ab9177e9559ddb067da01e13d459fe
SHA1

bb23d080499757c607247da72614b87a59a789db
SHA256

1355c45e380e26c15f637e70fd86621557ab4230e0b1d347964a7f0a78f503d6
SHA512

e4c434dfe81d4b0789062e89f8b77003af24bd49ed5e11028b2308ed96c997e19bdb7ae8519cede6956b6161f25072d6a9af49c0dfd1dee287fe6e1e2771c857
SSDEEP

192:ejxO8zChFRJg2FpDTKfzKA7YEHEqM0Uj48gqjf6yEg2TEhtuTdMBVnro:3yCY2F6HYEHEqMG8LjITEht7Lro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04ab9177e9559ddb067da01e13d459fe

Files

04ab9177e9559ddb067da01e13d459fe
.dll windows:4 windows x86 arch:x86

7c453e4eac131da6bbe6f36647116514

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
Sleep
GetLastError
CreateMutexA
GetModuleFileNameA
GetCurrentProcess
GlobalFree
ReadProcessMemory
GlobalLock
GlobalAlloc
IsBadReadPtr
GetPrivateProfileStringA
GetProcAddress
GetModuleHandleA
SetLocalTime
GetLocalTime
WriteProcessMemory
ExitProcess
GlobalUnlock
GetComputerNameA
GetCurrentThread
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot

user32

FindWindowA
CallNextHookEx
SetWindowsHookExA
GetWindowTextA

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA

msvcrt

_stricmp
_adjust_fdiv
malloc
_initterm
free
strcmp
strrchr
??3@YAXPAX@Z
memset
memcpy
??2@YAPAXI@Z
strncpy
strchr
strlen
strcpy
sprintf

Exports

Exports

fx

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdat
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ