1d73f601ddf62668da8e4be6142d2476

Sharing

Copy URL Twitter E-mail

General

Target

1d73f601ddf62668da8e4be6142d2476
Size

18KB
MD5

1d73f601ddf62668da8e4be6142d2476
SHA1

496c8ba14636b7fd50b9383a008d8073dbbcd670
SHA256

3c62084ce88ba71daa8855223509518725367ec9764a25f3934faf854162d7d7
SHA512

b6823433958d730e0dc6c3ee1a90db77f98ba6c19279e5954bdccb0eb9e7bda58536982f6a30509cf07f43045bb4f40022599fbe2b8b5a07caf1598984ff54b7
SSDEEP

384:Ed8l3sqq1MkXDQnnXSRughI3h4xVTUCnz:JszlXmnguyAwVPnz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d73f601ddf62668da8e4be6142d2476

Files

1d73f601ddf62668da8e4be6142d2476
.dll windows:4 windows x86 arch:x86

24dfc3209417f3eb4eda17ca8c79917c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
lstrlenA
GetLastError
lstrcatA
GetTickCount
GetTempPathA
GetModuleHandleA
lstrcpyA
lstrcmpA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
ExitProcess
DisableThreadLibraryCalls

user32

ToAscii
GetKeyboardState
GetFocus
SetWindowTextA
SendMessageA
GetWindowTextLengthA
GetDlgItem
GetParent
GetDlgCtrlID
GetTopWindow
SetWindowsHookExA
CallNextHookEx
GetWindowTextA
UnhookWindowsHookEx
FindWindowExA
IsWindowVisible
wsprintfA

msvcp71

?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@XZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE?AViterator@12@V312@@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

msvcr71

malloc
__CppXcptFilter
_adjust_fdiv
_initterm
free
_onexit
__dllonexit
_except_handler3
__security_error_handler
_callnewh
__CxxFrameHandler
??3@YAXPAX@Z
??_V@YAXPAX@Z
isalnum

urlmon

URLDownloadToFileA

Exports

Exports

ClearOWKeyHook
SetAsdeHook
SetCncHook
SetOWHook
SetPopHook
SetPopWnd
SetQQHook
SetUCHook
UnSetAsdeHook

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

MySec
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

24dfc3209417f3eb4eda17ca8c79917c

Headers

File Characteristics

Imports

kernel32

user32

msvcp71

msvcr71

urlmon

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

MySec Size: 512B - Virtual size: 100B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

MySec
Size: 512B - Virtual size: 100B

.reloc
Size: 2KB - Virtual size: 2KB