3dc28eb9b28f3107ac9aa87382f827ab

General

Target

3dc28eb9b28f3107ac9aa87382f827ab
Size

14KB
MD5

3dc28eb9b28f3107ac9aa87382f827ab
SHA1

f6e78390ff4991d589ff15d8c2d6a5b435a2a7fe
SHA256

cb8640d9f88ffef0f95786d315af2f81c4208c4af901cd81493c6e85f33d5596
SHA512

4ed3beda7390e7a1d368d583bbaff822c5fca333cbc7fc0e0f21db386762baaac8660cba664a71fd7c1e48cae48cf01926abd27d0c9769b0808c5f13f5d424ee
SSDEEP

192:w+jIMtoIj7fHahOP44j8RqgJusdakt7UH/PGDCbMGROfj61j1TCFZ9LQ8Bv:w+cMlHgu8HztUHWDCbPgfO1hTCz9Uwv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc28eb9b28f3107ac9aa87382f827ab

Files

3dc28eb9b28f3107ac9aa87382f827ab
.dll windows:4 windows x86 arch:x86

485dcf67945493df9e6318f27a25db49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr71

printf

ws2_32

accept
listen
bind
inet_addr
WSACleanup
setsockopt
WSAStartup
socket
connect
closesocket
select
__WSAFDIsSet
recv
send
gethostbyname
htons

avicap32

capCreateCaptureWindowA

wininet

InternetReadFile
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

kernel32

GetTickCount
CreateThread
GetWindowsDirectoryA
WinExec
lstrcmpA
GetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
CopyFileA
SetFileAttributesA
DeleteFileA
SetCurrentDirectoryA
CreateFileA
ReadFile
SetFilePointer
WriteFile
CloseHandle
GetFileSize
GlobalAlloc
GlobalFree
Sleep
lstrcpyA
lstrlenA
GetLogicalDriveStringsA
FindNextFileA
FindFirstFileA

user32

RegisterClassA
CreateWindowExA
IsWindow
SendMessageA
DestroyWindow
PostQuitMessage
DefWindowProcA

gdi32

GetDeviceCaps
CreateCompatibleDC
DeleteDC
CreateDCA
SelectObject
BitBlt
GetDIBColorTable
DeleteObject
CreateDIBSection

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

485dcf67945493df9e6318f27a25db49

Headers

DLL Characteristics

File Characteristics

Imports

msvcr71

ws2_32

avicap32

wininet

kernel32

user32

gdi32

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 912B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 912B

.reloc
Size: 1KB - Virtual size: 1KB