40534924dd52f388dbf7176a0e9befaa

Sharing

Copy URL Twitter E-mail

General

Target

40534924dd52f388dbf7176a0e9befaa
Size

45KB
MD5

40534924dd52f388dbf7176a0e9befaa
SHA1

c48199cc7b38978f64d5d3570f1939dc3d347e07
SHA256

7a2554a31e4c41fa23fd8d6c54d614279f7e948b844b20d68d5805f11ae1297d
SHA512

fe77e75a1dc6906f331db2df2a07ac61b8811d6b13777211fbe75bc91abbe3d0f78b6cdd2308e5baaa9008e9c6400f20a93e9c4330cc309623e94ec386db531d
SSDEEP

768:g9scwe0+IXX4g55qDahSR9hs7wBSiqDo3MLCw0jc8CGLkedLcBYZ/WFVD4n2JMDo:g9sC0fJLH7wBSno36Cw01CGLxdLcc+Dl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40534924dd52f388dbf7176a0e9befaa

Files

40534924dd52f388dbf7176a0e9befaa
.dll windows:4 windows x86 arch:x86

b1bdf80501f74b5e7b945589257c2e8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

shell32

ShellExecuteA

psapi

GetModuleFileNameExA

avicap32

capCreateCaptureWindowA

ole32

CreateStreamOnHGlobal

winmm

waveInStop

msvcrt

free

advapi32

RegCloseKey

user32

SetTimer

ws2_32

listen

shlwapi

StrCmpW

imm32

ImmGetContext

gdi32

BitBlt

Exports

Exports

gytfredwse
ServiceMain
rftgyhujk

Sections

.erdf
Size: 27KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rtfgy
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tgyh
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edrft
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rtyhgj
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rftgyh
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.LordFox
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1bdf80501f74b5e7b945589257c2e8f

Headers

File Characteristics

Imports

kernel32

shell32

psapi

avicap32

ole32

winmm

msvcrt

advapi32

user32

ws2_32

shlwapi

imm32

gdi32

Exports

Exports

Sections

.erdf Size: 27KB - Virtual size: 66KB

.rtfgy Size: 1024B - Virtual size: 7KB

.tgyh Size: 1024B - Virtual size: 2KB

edrft Size: - Virtual size: 4KB

rtyhgj Size: 3KB - Virtual size: 3KB

.rsrc Size: - Virtual size: 4KB

.rftgyh Size: 2KB - Virtual size: 3KB

.LordFox Size: 2KB - Virtual size: 4KB

.erdf
Size: 27KB - Virtual size: 66KB

.rtfgy
Size: 1024B - Virtual size: 7KB

.tgyh
Size: 1024B - Virtual size: 2KB

edrft
Size: - Virtual size: 4KB

rtyhgj
Size: 3KB - Virtual size: 3KB

.rsrc
Size: - Virtual size: 4KB

.rftgyh
Size: 2KB - Virtual size: 3KB

.LordFox
Size: 2KB - Virtual size: 4KB