0d9e90c3cfd0197f4758fa1553bf20c5 | Triage

Sharing

General

Target

0d9e90c3cfd0197f4758fa1553bf20c5
Size

14KB
MD5

0d9e90c3cfd0197f4758fa1553bf20c5
SHA1

fd3fbca4a8061117e5da757240937349b8cf3bc4
SHA256

ae07d78eadbde7566c5355b80b1e70be2c6c962f403eda3a21ecd60a283e657a
SHA512

1d22d5b9033e5698b09e68a6df97e63dae9ca8ddfda6b584f100bc56f0597df8d4b71f8a6cb2fbf2dc94f1d89f21646dfb0e1eae96c6377367739a2feaa14580
SSDEEP

192:rDU56L/W9BilFsPCoIsZdaoNoUPbV00Lz6vGsd8pOdJTv9UUfNqpDDKGTRg70YOv:XUi8zP797pOdxqpNTeg1Liv2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d9e90c3cfd0197f4758fa1553bf20c5

Files

0d9e90c3cfd0197f4758fa1553bf20c5
.dll windows:4 windows x86 arch:x86

bea8ed762f21b3884c69960db3d6b2b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
TerminateProcess
GetCurrentProcess
GetFileSize
HeapAlloc
GetProcessHeap
VirtualProtect
FreeLibrary
Sleep
GetModuleHandleA
LoadLibraryA
WideCharToMultiByte
GetSystemDirectoryA
GetCurrentProcessId
CreateThread
GetPrivateProfileStringA
GetFileAttributesA
CreateFileA
CloseHandle
ReadFile
SetFilePointer
GetModuleFileNameA

user32

wsprintfA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
wvsprintfA

wininet

HttpQueryInfoA
InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

free
strrchr
_adjust_fdiv
_initterm
_strcmpi
strstr
sprintf
strncpy
malloc
_except_handler3
_strlwr

ws2_32

WSAGetLastError
closesocket

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ