4c4f7f18779f046665080fa93eba4ccd

Sharing

Copy URL

Twitter E-mail

General

Target

4c4f7f18779f046665080fa93eba4ccd
Size

44KB
MD5

4c4f7f18779f046665080fa93eba4ccd
SHA1

f5e83d50dba3d62a63e98568862dbc31064f407e
SHA256

54eaafcf58f349c5b2b401adf0ff2da977ad51ea344e81ca09dd1cf17febe8a5
SHA512

a5e979e8430d7f5a0b57dbc1f15bb86fea48bd66edd74ebea1a1d94d641432dc70e0ca784f8bafdf451b3da6563f44344317fdb187544017c2f602df8be89ce8
SSDEEP

768:uvm6YCi5saXjayiV15LWkX0GoPZ/QcnDPv8PBh6Ht7rd3h:uz5i5s0aySdWkX0bHDH8ph6Ht7r7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c4f7f18779f046665080fa93eba4ccd

Files

4c4f7f18779f046665080fa93eba4ccd
.dll regsvr32 windows:4 windows x86 arch:x86

3efbc5af5da141ab98dc74d020d809a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

recv
ioctlsocket
closesocket
htons
gethostbyname
connect
socket

kernel32

LoadLibraryA
Sleep
GetVersionExA
GetProcAddress
GetWindowsDirectoryA
GetSystemInfo
GetLastError
IsBadReadPtr
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
InterlockedDecrement
CloseHandle
GetModuleHandleA
CreateFileA
IsBadStringPtrA
FindClose
FindFirstFileA
GetModuleFileNameA
OpenProcess
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32Next
Process32First
GetPrivateProfileStringA
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
WinExec
ReleaseMutex
CreateMutexA
CreateThread
VirtualAlloc
GetTempPathA
LocalFree

user32

GetForegroundWindow
GetClassNameA
IsWindow
GetWindowTextA
CallNextHookEx
EnumChildWindows

wininet

InternetCrackUrlA

ole32

CoCreateInstance
CoInitializeEx
OleRun

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

msvcrt

sprintf
??3@YAXPAX@Z
atoi
??2@YAPAXI@Z
wcslen
fseek
fgets
fopen
??1type_info@@UAE@XZ
fclose
ftell
__dllonexit
_onexit
_CxxThrowException
__CxxFrameHandler
_adjust_fdiv
malloc
calloc
realloc
_strdup
free
strstr
_initterm

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3efbc5af5da141ab98dc74d020d809a7

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

wininet

ole32

oleaut32

msvcrt

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 74KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 74KB

.reloc
Size: 4KB - Virtual size: 2KB