480c359e24942a7f50d8f2b12e4f3af4

General

Target

480c359e24942a7f50d8f2b12e4f3af4
Size

44KB
MD5

480c359e24942a7f50d8f2b12e4f3af4
SHA1

60549396cf5dbc634705d645cb6c11bb2218c5b4
SHA256

032903952383f3da540e8ff42d9c1b3fcde25fe06f0183154a0447892309682c
SHA512

33014f5d1f6236200eea2aaa5a3ecdc81427196d2b640391e15380622e4da3e16a39b8977233014e3f5034a8b30befe237e6b8ad2941e7ee137d33effb6ef373
SSDEEP

768:w0Blb+D/pkavNOlwVfxQqzIWyWfMxqgLa12:pMyVeVjU/WUBLa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
480c359e24942a7f50d8f2b12e4f3af4

Files

480c359e24942a7f50d8f2b12e4f3af4
.dll regsvr32 windows:4 windows x86 arch:x86

fbd1445b0553c73a28b88c8333944b1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CreateMutexA
WinExec
GetSystemDirectoryA
InterlockedIncrement
VirtualAlloc
GetProcAddress
GetLocalTime
CreateProcessA
GetModuleFileNameA
LoadLibraryA
CreateThread
CloseHandle
GetWindowsDirectoryA

user32

SetWindowsHookExA
PostMessageA
FindWindowExA
DispatchMessageA
CreateWindowExA
RegisterClassExA
KillTimer
SetTimer
DefWindowProcA
CallNextHookEx
GetMessageA
UnhookWindowsHookEx
ShowWindow
TranslateMessage

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

fopen
_adjust_fdiv
malloc
_initterm
free
atoi
_except_handler3
strrchr
strchr
_stricmp
fwrite
fclose
sprintf
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z

shlwapi

SHGetValueA

wininet

HttpQueryInfoA
InternetOpenUrlA
InternetSetOptionA
InternetOpenA
InternetReadFile
InternetCloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbd1445b0553c73a28b88c8333944b1e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

shlwapi

wininet

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 884B

.text
Size: 24KB - Virtual size: 21KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 884B