1da993e8d3318747676b7ec91b9f3172

General

Target

1da993e8d3318747676b7ec91b9f3172
Size

15KB
MD5

1da993e8d3318747676b7ec91b9f3172
SHA1

0f6d00fab274ba5691edc8ab4887b596ac0a55c4
SHA256

b346da4134a5dc3b19b89f29779c58aa647431932837f26c4f7d9e463d09c793
SHA512

2b7221c2093e47d1fb873ab9f2b1de9cddce93bb6067b3770f42fbed9ad62a6e259f22a616e01c2628a62a1eb35ad3b2c553bab268b0d85808dee137b8e0a03d
SSDEEP

384:h2XnlnaS1V3V21WfVXca19O+2Mgd9xcaa0RTW0:h2VnFV30Wb1kd9+aa0R5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1da993e8d3318747676b7ec91b9f3172

Files

1da993e8d3318747676b7ec91b9f3172
.dll windows:4 windows x86 arch:x86

01f4c35c226c4dcee75d5e5ad5d3ecc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
GetProcAddress
GetModuleHandleA
GetCurrentThread
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCommandLineA
GlobalFree
WriteProcessMemory
GetPrivateProfileStringA
IsBadReadPtr
WideCharToMultiByte
GetCurrentProcessId
GetLocalTime
SetLocalTime
Sleep
GetCurrentProcess
VirtualProtectEx
GetModuleFileNameA
CreateThread
OpenMutexA
ReadProcessMemory
CreateMutexA

user32

UnhookWindowsHookEx
CallNextHookEx
SetWindowsHookExA
GetWindowThreadProcessId
FindWindowA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

msvcrt

fopen
_stricmp
_adjust_fdiv
malloc
_initterm
free
strstr
strncpy
strcat
sscanf
strrchr
memcpy
strcpy
sprintf
??2@YAPAXI@Z
strlen
fclose
fread
_strlwr
memset
??3@YAXPAX@Z

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01f4c35c226c4dcee75d5e5ad5d3ecc6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

msvcrt

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 3KB

sdt Size: 512B - Virtual size: 8B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 3KB

sdt
Size: 512B - Virtual size: 8B

.reloc
Size: 1KB - Virtual size: 1KB