0da162bf102626b629317cee26712844 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0da162bf102626b629317cee26712844
Size

21KB
MD5

0da162bf102626b629317cee26712844
SHA1

162a4978e59cb7c7525b5f60bca239e902cb01f9
SHA256

061f09e39814e46265cd68817f131d83738a10340cd638b3a34abfbc16f49077
SHA512

a8be44d3e320636d00b4bee80367d38e8a7fc62d7655986f65d1c68a60a6b4df56a8677c6e53ac3b2f1f6d482fd287a30eb1d0685a5aff4d5cd38fa4e2a3096d
SSDEEP

384:pgYz1h4orE9cIgwAe+1SckmBI2v7qS0n++HoHl/hjqpgkX:pXNE9eccPZhu+9Zjqpgm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0da162bf102626b629317cee26712844

Files

0da162bf102626b629317cee26712844
.dll windows:4 windows x86 arch:x86

6cfd0d01c651026861fcf861d3ac7931

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
Sleep
lstrcmpA
lstrcpyA
lstrcatA
ExitProcess
lstrcmpiA
lstrlenA
GetTickCount
lstrcpynA
GetModuleHandleA
VirtualAlloc
GetPrivateProfileIntA
GetSystemTime
WritePrivateProfileStringA
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
ReadFile
CreateFileA
CreateThread
SetFilePointer
GetModuleFileNameA
UnmapViewOfFile
OutputDebugStringA
LoadLibraryA
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
CallNextHookEx

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenUrlA

ws2_32

shutdown

Exports

Exports

DivxDecode
Hookoff
Hookon
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
ftsWordBreak

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ