1d93a21a16426ba4e6fb911582157df7

General

Target

1d93a21a16426ba4e6fb911582157df7
Size

18KB
MD5

1d93a21a16426ba4e6fb911582157df7
SHA1

8ec9a98c24e4462794cada6c40c7afd1d06926a1
SHA256

a5791e474c3496ab31001a146b68ce88404d40779630c10a543b8df07d368d25
SHA512

5d6fbc42d71e40572687de62fbdca6c864ca86c51a1ccb556a49c665d255c26efee4b5d37ccba357652e1bf2228eeb17c12b4c3e69e3bd996c2470a5541945cf
SSDEEP

192:pS42vLivNVY1agrmIhZ3z0iN+kyrslAXZ9Uxt+TE/KXwBjeRNdKHo08:p8+vxIz0iTnqX0rfSCqRNdKY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d93a21a16426ba4e6fb911582157df7

Files

1d93a21a16426ba4e6fb911582157df7
.dll windows:4 windows x86 arch:x86

39bbd901d78074153ada420154bf305f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
LoadLibraryA
WriteProcessMemory
VirtualAllocEx
FindClose
FindNextFileA
lstrcpynA
lstrcmpA
FindFirstFileA
VirtualProtectEx
Module32Next
Module32First
ReadFile
GetModuleFileNameA
GetLastError
OpenProcess
WinExec
TerminateProcess
GetCurrentProcess
ExitProcess
SuspendThread
OpenThread
ReleaseMutex
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
GetSystemDirectoryA
lstrlenA
GetModuleHandleA
GetProcAddress
WriteFile
GetTempPathA
GetTickCount
lstrcpyA
Sleep
CreateMutexA
CreateThread
CloseHandle
GetCurrentProcessId

user32

EnumWindows
SetThreadDesktop
OpenDesktopA
GetWindowThreadProcessId
OpenWindowStationA
MessageBoxA
wsprintfA
SetProcessWindowStation

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shlwapi

StrStrIA

msvcrt

??3@YAXPAX@Z
strcmp
_purecall
strncat
strcat
strlen
memcpy
strstr
memset
strncpy
strcpy
_itoa
??2@YAPAXI@Z

wininet

InternetCloseHandle

Sections

.bss
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39bbd901d78074153ada420154bf305f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

wininet

Sections

.bss Size: - Virtual size: 13KB

.data Size: 14KB - Virtual size: 13KB

.shared Size: 1024B - Virtual size: 532B

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 13KB

.data
Size: 14KB - Virtual size: 13KB

.shared
Size: 1024B - Virtual size: 532B

.reloc
Size: 2KB - Virtual size: 1KB