24ff84d639439ff9aa015e3b8f89f923

General

Target

24ff84d639439ff9aa015e3b8f89f923
Size

14KB
MD5

24ff84d639439ff9aa015e3b8f89f923
SHA1

fcf1a965ac26a66159953eee90ba9fef877aad13
SHA256

179e77e69e05b0cdc50c876c05c5eadb2abfd439a919fa1bc26e7f79f8856e6a
SHA512

754bbd78d89b9830806f94ba2c5b70a25b7ffa3684aaef50e6d649c89f93e7c82f9e899d243bc4ac044a08dd6fb389b35b3115901a1a70034ab74c0cbd96c1cc
SSDEEP

192:hcZ/cugrUPZjpRr2G6fRXXWhpGGVvR51p5DSQu15GteQZv8hhtt+3fSj2G2An:hcZ/cugwPtP36JopGGVvR51p+Ast+8j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ff84d639439ff9aa015e3b8f89f923

Files

24ff84d639439ff9aa015e3b8f89f923
.dll windows:4 windows x86 arch:x86

b07a31bbb32a708b1a2267bb5379b4ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
Sleep
VirtualProtectEx
WideCharToMultiByte
ReadProcessMemory
GlobalLock
GlobalAlloc
IsBadReadPtr
GetCurrentProcess
CreateThread
GlobalFree
GetModuleFileNameA

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

msvcrt

_adjust_fdiv
malloc
_initterm
free
_stricmp
strcmp
strrchr
??3@YAXPAX@Z
strcpy
??2@YAPAXI@Z
sprintf
strlen
strncpy
strchr
strstr
fclose
fread
fopen
memset
memcpy

Exports

Exports

fa
fc

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 526B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b07a31bbb32a708b1a2267bb5379b4ec

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 536B

sdt Size: 512B - Virtual size: 269B

.reloc Size: 1024B - Virtual size: 526B

0 Size: 5KB - Virtual size: 5KB

1 Size: 1024B - Virtual size: 928B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 536B

sdt
Size: 512B - Virtual size: 269B

.reloc
Size: 1024B - Virtual size: 526B

0
Size: 5KB - Virtual size: 5KB

1
Size: 1024B - Virtual size: 928B