023f4189b6e617e0c6bb182a267b2fe5

Sharing

Copy URL Twitter E-mail

General

Target

023f4189b6e617e0c6bb182a267b2fe5
Size

38KB
MD5

023f4189b6e617e0c6bb182a267b2fe5
SHA1

631446395147c42d4f0f83127e58bb5603ad191d
SHA256

344448a4d0668ae9b2958bf7c6b94ec3ee2dfbbd8b1e3ec252479170ca9b501c
SHA512

a1be097925c9f67cb7f9453a41adca088df2f2bdedfe949767ef77898c53a17f521cf7dcab46fa146302474a78c2d2f39be1a43e21dda4a077a110e1c98c3f33
SSDEEP

768:ASKs29ow+1ii2a/SxEEOc4gqWmv0zQ6KwH7rjxya2J6Fv:529OiifSxicJqWmanMi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
023f4189b6e617e0c6bb182a267b2fe5

Files

023f4189b6e617e0c6bb182a267b2fe5
.dll windows:4 windows x86 arch:x86

6f32841586ff58a77938e70f79d51575

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

msvcrt

strrchr

psapi

GetModuleFileNameExA

user32

ExitWindowsEx

shlwapi

StrCmpW

gdi32

DeleteObject

imm32

ImmReleaseContext

winmm

waveInUnprepareHeader

avicap32

capCreateCaptureWindowA

ole32

CreateStreamOnHGlobal

advapi32

RegCloseKey

ws2_32

listen

shell32

ShellExecuteA

Exports

Exports

DoMainWork
DoService
ServiceMain

Sections

.1210
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1211
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1212
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1213
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1214
Size: - Virtual size: 1018B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.456
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f32841586ff58a77938e70f79d51575

Headers

File Characteristics

Imports

kernel32

msvcrt

psapi

user32

shlwapi

gdi32

imm32

winmm

avicap32

ole32

advapi32

ws2_32

shell32

Exports

Exports

Sections

.1210 Size: - Virtual size: 80KB

.1211 Size: - Virtual size: 4KB

.1212 Size: - Virtual size: 16KB

.1213 Size: 32KB - Virtual size: 36KB

.1214 Size: - Virtual size: 1018B

.456 Size: 1KB - Virtual size: 4KB

.1210
Size: - Virtual size: 80KB

.1211
Size: - Virtual size: 4KB

.1212
Size: - Virtual size: 16KB

.1213
Size: 32KB - Virtual size: 36KB

.1214
Size: - Virtual size: 1018B

.456
Size: 1KB - Virtual size: 4KB