4544a7f6d5b408c65c0e115c390befe3

General

Target

4544a7f6d5b408c65c0e115c390befe3
Size

14KB
MD5

4544a7f6d5b408c65c0e115c390befe3
SHA1

1ffd5c5ecf3907ac59e319660eb07d9ad7d373c7
SHA256

662ef90d07030b0c8e0e726bc4678c23108bed183e78e1ae4faf974570a19b92
SHA512

a0893bc189999db95d52e84478da9b8b803d987cea829af7b8e47646ca5d1a86de068e8809c1d6d53e6ad15c3683e48c3d3936458afc0d72d42cde465013583b
SSDEEP

192:YO/KhVs5dkC2cQpuAvpfPxVqD20h+L2EAbvP:YO/wVs5iC2bpuAv4phdEk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4544a7f6d5b408c65c0e115c390befe3

Files

4544a7f6d5b408c65c0e115c390befe3
.dll windows:4 windows x86 arch:x86

2378a21a296ee078e322cacfd07c2b66

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
SetLocalTime
GetLocalTime
GetCurrentProcess
WideCharToMultiByte
MultiByteToWideChar
CloseHandle
ReadProcessMemory
VirtualProtectEx
GetModuleFileNameA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsBadReadPtr
GetPrivateProfileStringA
GetProcAddress
GetModuleHandleA
CreateMutexA
GetLastError
WriteProcessMemory
CreateThread

user32

CallNextHookEx
SetWindowsHookExA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

_stricmp
_adjust_fdiv
malloc
_initterm
free
fclose
fopen
strrchr
??3@YAXPAX@Z
strcpy
??2@YAPAXI@Z
sprintf
strlen
memcpy
strncpy
strchr
strstr
fread
memset
strcmp
strcat

Exports

Exports

fx

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2378a21a296ee078e322cacfd07c2b66

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1KB

sdt Size: 512B - Virtual size: 8B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

sdt
Size: 512B - Virtual size: 8B

.reloc
Size: 1KB - Virtual size: 1KB