3c28cd56e656316a1644f037172202c2

Sharing

Copy URL Twitter E-mail

General

Target

3c28cd56e656316a1644f037172202c2
Size

132KB
MD5

3c28cd56e656316a1644f037172202c2
SHA1

6a691e429c6225062579c51b22598553fa83e2d9
SHA256

c74be681866d353e1509be0879f04dd5e41c7ab5fed5091176d659b76c69df03
SHA512

a5de4e78b263988fc1b52db6b84fb78ef2dbb9d94828865a32b8698ce4273846114e304bb977e90fac048d9120958d422bbcf1462c54a4bde5ac897a8fa19e0b
SSDEEP

1536:n2QHbrQQSpafrb+WbUXK2VwDj9d56C6NdUGTnzuQF7F45F1kEJLhiwt1ZQcV:2QHYQfeW2K1fA8cyFOEJLhBt1Sc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c28cd56e656316a1644f037172202c2

Files

3c28cd56e656316a1644f037172202c2
.dll windows:4 windows x86 arch:x86

ad89f6740c61b4ce0e8ebb6064c63c3c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetReadFile
InternetCloseHandle
HttpQueryInfoA
InternetOpenA
InternetOpenUrlA

kernel32

SetEndOfFile
MultiByteToWideChar
CreateProcessA
FreeEnvironmentStringsA
lstrcpyA
lstrlenA
GetEnvironmentStrings
lstrcmpA
lstrcatA
GetSystemDirectoryA
lstrcpynA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
SetFileTime
SystemTimeToFileTime
GetSystemTime
CreateFileA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
ReadFile
GetFileSize
OpenFile
FileTimeToSystemTime
GetFileTime
WriteFile
GetWindowsDirectoryA
Sleep
GetVersion
CreateDirectoryA
GetLastError
CreateMutexA
CopyFileA
DeleteFileA
GetModuleFileNameA
GetTempFileNameA
GetTempPathA
GetComputerNameA
CreateThread
GetEnvironmentVariableA
TerminateProcess
GetCurrentProcess
WideCharToMultiByte
lstrlenW
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
SetFilePointer
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStartupInfoA
GetFileType
SetHandleCount
HeapSize
GetConsoleMode
GetConsoleCP
LCMapStringW
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapAlloc
HeapFree
RaiseException
VirtualProtect
VirtualAlloc
GetModuleHandleA
GetSystemInfo
VirtualQuery
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
MoveFileA
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
VirtualFree
HeapReAlloc
HeapDestroy
HeapCreate
ExitProcess
GetStdHandle
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCPInfo
GetOEMCP
LCMapStringA
QueryPerformanceCounter

user32

GetClassNameA
SendMessageTimeoutA
SetWindowsHookExA
CallNextHookEx
SetWindowPos
RegisterWindowMessageA
GetAncestor
GetSystemMetrics
GetParent
wsprintfA

shell32

ShellExecuteA

ole32

CoCreateInstance

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString
SysAllocStringLen
VarCmp

netapi32

Netbios

Exports

Exports

Start
StopA
Ver

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DLLSHAR
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad89f6740c61b4ce0e8ebb6064c63c3c

Headers

File Characteristics

Imports

wininet

kernel32

user32

shell32

ole32

oleaut32

netapi32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 12KB

.DLLSHAR Size: 4KB - Virtual size: 8B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 12KB

.DLLSHAR
Size: 4KB - Virtual size: 8B

.reloc
Size: 12KB - Virtual size: 8KB