3d24fa1edd4cf70ba65214e7263f1fd8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d24fa1edd4cf70ba65214e7263f1fd8
Size

31KB
MD5

3d24fa1edd4cf70ba65214e7263f1fd8
SHA1

0598b8e9bd76fa7978bd28d8070546a3f8d057b5
SHA256

b60f8cd26c418810fd1444143a8b7d8ea441d9f3637b84c1478fb643ed222dce
SHA512

8a2e5e4e4a9f4f3e5a430e99c8c120ed1b5ea58ce1b40cdca72f835bd2a030c0b101265730a9aa663bf384825d602ea0cb53be1a57cbaf9141ef98f17470482d
SSDEEP

768:NCthq/xdcRpNLdNR7lolv7xijQzPALHCBkOSGAPOjczjINuO9lhyfUJOk:WhMxdcRpNLdNR7lolv7xijQzJOGaI0cB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d24fa1edd4cf70ba65214e7263f1fd8

Files

3d24fa1edd4cf70ba65214e7263f1fd8
.dll windows:4 windows x86 arch:x86

7e965586302b15135eb058a8c79d3df4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_addr
gethostbyname

kernel32

CreateFileW
LocalAlloc
lstrcpyA
lstrcatA
GetComputerNameA
CloseHandle
WaitForSingleObject
CreateEventA
lstrlenA
GetTempPathA
lstrcmpiA
lstrcpynA
GlobalFree
GlobalAlloc
lstrcmpA
DeleteFileA
LocalFree
WriteFile
CreateFileA
LoadLibraryA
GetLastError
GetTickCount
RtlUnwind
FindFirstFileA
FindNextFileA
MoveFileA
ExitProcess
CreateThread
GetModuleFileNameA
VirtualFree
VirtualAlloc
VirtualQuery
FreeLibrary
SetEvent
OpenEventA
MultiByteToWideChar
GetVersionExA
GetModuleHandleA
GetProcAddress
GetTempFileNameA
FindClose

user32

SendMessageA
EnumWindows
GetWindowThreadProcessId
PostMessageA
CharLowerA
wsprintfA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegEnumValueA
RegSetValueExA
RegQueryValueExA

Exports

Exports

Activate

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ