08f3d0d5b2ab9cfb941244cba9aedaaf

Sharing

Copy URL Twitter E-mail

General

Target

08f3d0d5b2ab9cfb941244cba9aedaaf
Size

286KB
MD5

08f3d0d5b2ab9cfb941244cba9aedaaf
SHA1

8ef40df861095f8aa57ba643e2bde7c3bca0f193
SHA256

0e1a46366012fbb9a9ce5bdd54980f8d2164a2744a2fc13a72a23e0e940064b2
SHA512

0dcaf89084c0018e1670edec8b28725984dc05fc291e8e8f30a34b8b1ede4c6d61713630603bdb330eb05fbf5e33f64fa6bd36c42886a75dd0108ee8b01719fd
SSDEEP

6144:Y12Q6UXdT50z5nVz460wzKAeQGS8SNv5+rYxSS5w2GaQ18U:Yg35+rYcojQ+U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08f3d0d5b2ab9cfb941244cba9aedaaf

Files

08f3d0d5b2ab9cfb941244cba9aedaaf
.dll windows:5 windows x86 arch:x86

9f400f2e21b2eb972570e615652fb023

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WaitForSingleObject
WriteFile
CreateEventA
CreateProcessA
GetCurrentThreadId
SetProcessShutdownParameters
GetProcAddress
LoadLibraryA
HeapAlloc
HeapFree
GetProcessHeap
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileSize
GetLastError
SetLastError
GetCurrentProcess
Process32First
IsBadReadPtr
GetPrivateProfileIntA
ReadFile
Module32First
lstrcmpiA
GetPrivateProfileStringA
Process32Next
WritePrivateProfileStringA
GetSystemInfo
GetModuleHandleA
CreateToolhelp32Snapshot
GetModuleFileNameA
GetVersionExA
GetCurrentProcessId
GetTempPathA
InterlockedIncrement
InterlockedDecrement
SetEvent
CreateSemaphoreA
SetThreadPriority
ReleaseSemaphore
WaitForMultipleObjects
DeleteCriticalSection
ResumeThread
OpenProcess
TerminateProcess
GetCurrentDirectoryA
CreateThread
GetCurrentThread
GetCommandLineA
GetThreadContext
SetThreadContext
VirtualQuery
InterlockedCompareExchange
FlushInstructionCache
VirtualAlloc
VirtualProtect
DebugBreak
SuspendThread
ReadProcessMemory
CreateRemoteThread
VirtualFreeEx
VirtualAllocEx
OutputDebugStringA
CreateFileW
ReadConsoleW
FlushFileBuffers
WriteConsoleW
DeviceIoControl
Sleep
Module32Next
CreateFileA
SetStdHandle
OutputDebugStringW
WriteProcessMemory
GetStringTypeW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
RtlUnwind
HeapReAlloc
FreeLibrary
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetFileType
EncodePointer
DecodePointer
ExitThread
LoadLibraryExW
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
RaiseException
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetStdHandle

user32

SetWindowsHookExA
GetSystemMetrics
wsprintfA
GetInputState
CallNextHookEx
PostThreadMessageA
GetMessageA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

ws2_32

htons
WSACleanup
recv
gethostbyname
connect
inet_addr
shutdown
socket
send
WSAStartup
inet_ntoa
htonl
getaddrinfo
GetAddrInfoW
freeaddrinfo
FreeAddrInfoW
closesocket

Sections

.text
Size: 292KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9f400f2e21b2eb972570e615652fb023

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 292KB - Virtual size: 292KB

.text
Size: 292KB - Virtual size: 292KB