15309fe5e512a5903183d7c243734e06 | Triage

Sharing

General

Target

15309fe5e512a5903183d7c243734e06
Size

26KB
MD5

15309fe5e512a5903183d7c243734e06
SHA1

6fc190fee4663fe881ca93d464d481ba0f365a37
SHA256

45d3648f6265ac6bfd952de2c54694f9fa7501b8f62fece5bb77e89ffdc6a05d
SHA512

d2e8da72f2952ce2f9fe6be2c4c5f2518b2ff7e214d27bbb6ea37b9e2f9ea5b91676c44584b0969dc2a34eaee3a2985f98355d5e9e2c60c98d75ed7bf9e57164
SSDEEP

192:T7BZF+MPncVJREkb5xI9zHJHTrvI90i5WaC:TN+Gn85b5xIPrvI9SaC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15309fe5e512a5903183d7c243734e06

Files

15309fe5e512a5903183d7c243734e06
.dll windows:4 windows x86 arch:x86

c0ee7b1f1555818d3667410c367547ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
CreateFileA
GetModuleFileNameA
DisableThreadLibraryCalls
CreateThread
SetFileTime
GetFileTime
GetEnvironmentVariableA
DeleteFileA
CloseHandle
ExitProcess
WaitForSingleObject
GetProcAddress
CreateEventA
ReadFile
SetFilePointer
GetLastError
lstrcmpA
lstrcpyA
FreeLibrary
LoadLibraryA
GetCurrentProcessId
DeviceIoControl
lstrlenA
Sleep

user32

wsprintfA
CharUpperA

advapi32

StartServiceA
OpenServiceA
CreateServiceA
CloseServiceHandle
DeleteService
OpenSCManagerA
ControlService

wininet

InternetReadFile
InternetSetOptionA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA

ws2_32

inet_ntoa
gethostbyname
inet_addr

msvcrt

memset
_adjust_fdiv
malloc
_initterm
free
memcpy
strchr
_EH_prolog
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ