10418fcd3a60d0bb85e736a326c4e73d | Triage

Sharing

General

Target

10418fcd3a60d0bb85e736a326c4e73d
Size

21KB
MD5

10418fcd3a60d0bb85e736a326c4e73d
SHA1

48fd166534b6a6abdc05cd18aa634095d4b95bad
SHA256

1c1d79429a64ef7c545ab6e20a59b6ec899e2e153779dd4698a5ef3481349f89
SHA512

a996942c974704eb6d4fce7ea5a4b31c8768e0ab464d060ebf179f61e7e8bca8ccbd0742d61e39fd496473a42f2c0bdeb586ad098c2c53e877bf186b4139bbe2
SSDEEP

384:TujjSdgcmF5aAn9QUEK9X3Ybo0CDTi9xbTpRzDap1S:yjjSdpmTaHUP9bJ6l/zDa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10418fcd3a60d0bb85e736a326c4e73d

Files

10418fcd3a60d0bb85e736a326c4e73d
.dll windows:4 windows x86 arch:x86

0c636198759e9459979c76d20ae18062

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetModuleHandleA
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetShortPathNameA
ExpandEnvironmentStringsA
GetModuleFileNameA
MultiByteToWideChar
VirtualAllocEx
CloseHandle
ReadFile
GetFileSize
WriteFile
SetFilePointer
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
HeapSize
ReadProcessMemory
VirtualFreeEx
CreateFileA
WriteProcessMemory

user32

DispatchMessageA
TranslateMessage
GetMessageA
SetWindowsHookExA
CallNextHookEx

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc

ole32

CoCreateInstance

ws2_32

WSAGetLastError
WSASetLastError

shlwapi

StrStrA

Exports

Exports

_IWMPEvents@16
calloc
free
malloc
memmove
realloc

Sections

.bss
Size: - Virtual size: 561B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ