1c5ed365f9b3b3605b75929f77e76639

Sharing

Copy URL

Twitter E-mail

General

Target

1c5ed365f9b3b3605b75929f77e76639
Size

88KB
MD5

1c5ed365f9b3b3605b75929f77e76639
SHA1

6af818b3555104cac0a28e7dbb18d6e7bed69615
SHA256

781ffddbc16912e9097bff9058ddeac55dd2123f2e4cdf52235cfee59d7be196
SHA512

692f6f7309556bbee4f3993da248c19e8ded68b054fc85791315c2a42ad5231c6573997a22e36e8aa589de0da46b3fa1dd6a8b5edf6a18f86fc038777ed5e367
SSDEEP

1536:L4nkzqh8/Bklrd6RrekEWyinu1dQa3qJFeepC7brlAmE0rZWi+emZK:6O6OQkEWyinsdP3qDpC7HlPE0dia

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c5ed365f9b3b3605b75929f77e76639

Files

1c5ed365f9b3b3605b75929f77e76639
.dll windows:5 windows x86 arch:x86

14d5c60cca0a9c2887ded818146219f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

HttpSendRequestA
HttpAddRequestHeadersA
InternetCloseHandle
HttpSendRequestW
InternetSetOptionW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
InternetConnectW
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA
InternetOpenA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
InternetReadFile
InternetOpenW

ntdll

strncpy
memcpy
_chkstk
memset

gdiplus

GdipCloneImage
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree

kernel32

GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
OutputDebugStringW
MoveFileExW
lstrcpynW
WideCharToMultiByte
MultiByteToWideChar
GetLastError
lstrcatA
lstrcpynA
GetExitCodeThread
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetModuleHandleExW
InterlockedExchange
CreateFileMappingW
MapViewOfFile
lstrcmpiA
FreeLibrary
lstrcmpW
Sleep
lstrcmpiW
FindResourceW
LoadResource
SizeofResource
LockResource
ExpandEnvironmentStringsW
CreateFileW
WriteFile
CreateThread
GetModuleFileNameW
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetTempPathW
GetTempFileNameW
CopyFileW
LocalAlloc
LocalFree
CreateDirectoryW
GetStartupInfoW
GetFileSize
DeleteFileW
ReadFile
SetFilePointer
lstrlenW
GetModuleFileNameA
UnmapViewOfFile
WaitForSingleObject
GetCurrentThreadId
CreateEventW
LoadLibraryW
lstrcatW
lstrcpyA
GetTickCount
lstrlenA
SetEvent
lstrcpyW
WriteProcessMemory
VirtualProtect
GetLocalTime

user32

GetKeyboardState
GetClassNameW
wsprintfW
wsprintfA
IsCharAlphaNumericW
GetWindowTextW
SetWindowsHookExA
PostThreadMessageW
GetMessageW
UnhookWindowsHookEx
PostQuitMessage
CallNextHookEx
ToAscii

gdi32

SetDIBColorTable
GetPixel
SelectObject
GetObjectW
DeleteDC
CreateDIBSection
CreateCompatibleDC

advapi32

CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegEnumKeyExW
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
CryptAcquireContextW

ole32

CreateStreamOnHGlobal

Exports

Exports

AetModuleFileNameExA
AetModuleFileNameExW

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14d5c60cca0a9c2887ded818146219f6

Headers

DLL Characteristics

File Characteristics

Imports

wininet

ntdll

gdiplus

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB