495cb4d1b9371e10649d9c5fa5fa4f6a

General

Target

495cb4d1b9371e10649d9c5fa5fa4f6a
Size

16KB
MD5

495cb4d1b9371e10649d9c5fa5fa4f6a
SHA1

8d5d7f1e4ef2fdd067325f413a5a51aed2bbabfe
SHA256

9e15957c2d5db709e334993d92501d592b5aa0d5b756a6e3a4a47dde8ccf3046
SHA512

78be0ac192953c28c28ca5a9391e33e671eca904b20056709e65b8e4bbcd955395e8e0a9ca56cd9a84c3809d373fbbc1d7ac6d440e57d66c4bfe2f5815f3d64a
SSDEEP

384:5sDBvkb1Asp8zB/cxR7uuLacCKZFHRSdjYw9:yvAR7uuWcC2xS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
495cb4d1b9371e10649d9c5fa5fa4f6a

Files

495cb4d1b9371e10649d9c5fa5fa4f6a
.dll windows:4 windows x86 arch:x86

bcb62cfbb11fb05d74f548c5d8587183

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadReadPtr
CreateThread
VirtualProtectEx
GetCurrentProcess
GetModuleFileNameA
Sleep
GetCommandLineA
GlobalFree
GetProcAddress
GetModuleHandleA
ReadProcessMemory
GlobalLock
GlobalAlloc
GetPrivateProfileStringA

user32

GetKeyboardState
CallNextHookEx
GetAsyncKeyState
ToAscii
SetWindowsHookExA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

msvcrt

_adjust_fdiv
malloc
_initterm
free
_stricmp
memset
strlen
strstr
memcpy
strrchr
strcpy
strcmp
strcat
sprintf
??2@YAPAXI@Z
strncpy

Exports

Exports

fa
fc

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcb62cfbb11fb05d74f548c5d8587183

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 712B

sdt Size: 512B - Virtual size: 277B

.reloc Size: 1024B - Virtual size: 592B

0 Size: 5KB - Virtual size: 5KB

1 Size: 1024B - Virtual size: 1012B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 712B

sdt
Size: 512B - Virtual size: 277B

.reloc
Size: 1024B - Virtual size: 592B

0
Size: 5KB - Virtual size: 5KB

1
Size: 1024B - Virtual size: 1012B