4565fe67da105441d3afe185ab3d277e

General

Target

4565fe67da105441d3afe185ab3d277e
Size

64KB
MD5

4565fe67da105441d3afe185ab3d277e
SHA1

2b84d761c6aff2d74ca13fb60d76ca9580419041
SHA256

dc1cb14dcd97ee818a000e4fe6a8d7537f00122ad3d55c7ad9a7528e211e0df9
SHA512

eca332a864426b446e97c34917c34caf0cdf6d44d1b33a6d31d2bb2f70d4df41a7049bf1ddfb90cc989fbc29922816a16a3594ca5eac82f7fda50c623e037af8
SSDEEP

1536:8lrSD9MXMjX6UUC8P6xecJUpiV4CIykNFU:X9MqX6hC8P6xecGpiVyyAF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4565fe67da105441d3afe185ab3d277e

Files

4565fe67da105441d3afe185ab3d277e
.dll windows:4 windows x86 arch:x86

934cc8dfc1bc36ed658e243445f98917

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileStringA
GetConsoleWindow
EnumSystemGeoID
GetProcessHandleCount
IsBadStringPtrA
GetLogicalDrives
IsValidCodePage
GetCommandLineW
GetTimeFormatA
GetFileTime
GetModuleFileNameA
CloseHandle
Heap32First
GetCurrencyFormatA
ExitProcess
GetWindowsDirectoryA
ReadConsoleOutputA
VirtualAlloc
ReadConsoleOutputA
GetFileInformationByHandle
GetCommandLineA
RegisterWaitForSingleObjectEx
GetNumberFormatA

user32

GetAppCompatFlags2
InvertRect
PrivateExtractIconsA
CharUpperBuffA
GetUpdateRect
GetKeyState
GetWindowLongA
CreateIconFromResourceEx
SetShellWindowEx
SetMenuItemBitmaps
OemToCharBuffW
UnionRect
DeviceEventWorker
SendNotifyMessageA
GetWindowThreadProcessId
CharUpperBuffA
SetWinEventHook
DrawTextExA
CreateDialogParamA

ntdll

RtlGetLastWin32Error

tapi32

lineDrop
lineConfigDialogEdit
lineCreateAgentSessionW

Sections

.textbbs
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 52KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

934cc8dfc1bc36ed658e243445f98917

Headers

File Characteristics

Imports

kernel32

user32

ntdll

tapi32

Sections

.textbbs Size: - Virtual size: 1KB

.text Size: 52KB - Virtual size: 184KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.textbbs
Size: - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 184KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB