1fc44610c7ee2b1cdbd30017b933d944 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1fc44610c7ee2b1cdbd30017b933d944
Size

17KB
MD5

1fc44610c7ee2b1cdbd30017b933d944
SHA1

9b4ce3ad57db2e0d6afff9cb3c07aa5ffcdf380a
SHA256

2a3e722fb62b43f45fcaf9e802ff319bd36d9ae31cd1d10e7afac57101ffcf73
SHA512

b28ac5911e3b7498f3280391f5193e82a1856cc988bfac1157c64aa622e40f2038c7badda668b35fe4c41621fd415109852766e3cbeae7b29e853e0911c235b1
SSDEEP

192:1F8LCd6CxEnnryNo2v0KttAtuFLiC9n+hjPlkDKD:1FNd66k6b0Ktt5WCn8BcK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1fc44610c7ee2b1cdbd30017b933d944

Files

1fc44610c7ee2b1cdbd30017b933d944
.dll windows:5 windows x86 arch:x86

dc76e207c4351da3ba974e07d294f02a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

msvcrt

memset
wcsstr
strstr
atoi
memcpy

kernel32

GetModuleHandleA
VirtualProtect
lstrcpyA
Sleep
lstrlenW
WideCharToMultiByte
VirtualAlloc
CreateThread

user32

wsprintfA
FindWindowA
GetWindowTextA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ