25c9686f9f28beb449625cb0d566d080

General

Target

25c9686f9f28beb449625cb0d566d080
Size

48KB
MD5

25c9686f9f28beb449625cb0d566d080
SHA1

5d4ae384fcb7c05f8b3e7c55cd51f015280ad5b4
SHA256

0b83ff552f4e910ea9819aafb7928046ceeeb0722aafab8bf748acba51c90b80
SHA512

5f00e3ad7b41b778a166524fbb00a48a7f18a9f66a0db450068e2263fedd68d4d11e546788bcccc5dbe68f394b77f5063cf3e4a7a83d8c6881a5a5a7b8b1eed2
SSDEEP

768:K7ZfUakneIVxlUMCZMLTsbUUVDGVIILalXQ65511lCn+Qbyl:oZfUjeIVxlUTZ6TsTDGVIILo5rC9ul

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25c9686f9f28beb449625cb0d566d080

Files

25c9686f9f28beb449625cb0d566d080
.dll windows:4 windows x86 arch:x86

4376ed7613e999fe404eaf4c8abffb2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
CloseHandle
ReadFile
HeapAlloc
GetFileSize
CreateFileA
WriteFile
GetLastError
HeapFree
lstrcmpiA
SystemTimeToFileTime
GetLocalTime
DisableThreadLibraryCalls
GetModuleFileNameA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
UnmapViewOfFile
GetTickCount
WideCharToMultiByte
GetVersionExA
GetProcAddress
lstrcatA
CreateToolhelp32Snapshot
FlushInstructionCache
WriteProcessMemory
VirtualAlloc
ReadProcessMemory
VirtualProtect
IsBadCodePtr
GetCurrentProcess
GetModuleHandleA
Thread32Next
GetCurrentThreadId
SuspendThread
Thread32First
ResumeThread
GetCurrentProcessId
MultiByteToWideChar
GetSystemInfo
GetProcessHeap
lstrlenA
LoadLibraryA
lstrcpynA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
ExitProcess
GetCommandLineA
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
RtlUnwind
InterlockedExchange
VirtualQuery
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
InitializeCriticalSection
HeapSize

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx

shlwapi

StrStrA
StrToIntA
StrStrIA
StrNCatA
wnsprintfA

Exports

Exports

SetHook

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4376ed7613e999fe404eaf4c8abffb2c

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 10KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 10KB