5497054fb00f7d4e036c96292cd3eec9

General

Target

5497054fb00f7d4e036c96292cd3eec9
Size

40KB
MD5

5497054fb00f7d4e036c96292cd3eec9
SHA1

cc52082b6f53f67e4f389c18e89bfaeae987296c
SHA256

063e2a8a420b6dcd05b80e710258b0cbcf4212af73843bafbaecf5b1bbca36a3
SHA512

998093f26de98306130db88882a1c8fe98922801bce3f4afd17a08c205d9ca5eb52e18d02c1acfcddec245210c787a9edcd76d709bc7b75777db80d8da9a518a
SSDEEP

768:4wCnEFGKDP1bZsRqS4rEX/DXp9Y6t5IwEHIS3ASPAhM:4wK89Zs4rEX7pOu/EH7BAq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5497054fb00f7d4e036c96292cd3eec9

Files

5497054fb00f7d4e036c96292cd3eec9
.dll windows:4 windows x86 arch:x86

b43fdb1679d6ee6b3fd3edc71460fdba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

wininet

InternetOpenA
InternetConnectA
HttpOpenRequestA
InternetSetOptionA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
InternetCrackUrlA

user32

RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA

msvcrt

_adjust_fdiv
malloc
_initterm
free
??3@YAXPAX@Z
_purecall
__CxxFrameHandler
??2@YAPAXI@Z
strstr
atoi
_snprintf
fopen
fwrite
fclose
time
difftime
strrchr
_stricmp
sprintf
_strnicmp
_strupr
localtime
_strlwr

kernel32

GetTickCount
HeapFree
GetSystemDirectoryA
DeleteFileA
CreateDirectoryA
CopyFileA
SetFileAttributesA
GetFileTime
FileTimeToSystemTime
HeapSize
HeapReAlloc
GetTempPathA
GetTempFileNameA
WriteFile
CreateProcessA
GetFileSize
GetProcessHeap
HeapAlloc
GetVolumeInformationA
GetComputerNameA
GetLogicalDriveStringsA
GetDriveTypeA
GetLocalTime
GetACP
FindFirstFileA
FindNextFileA
FindClose
CreateFileA
GetPrivateProfileIntA
ReadFile
WritePrivateProfileStringA
GetPrivateProfileStringA
CreateFileMappingA
MapViewOfFile
OpenProcess
Sleep
GetModuleFileNameA
CreateMutexA
GetLastError
CloseHandle
CreateThread
TerminateThread

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b43fdb1679d6ee6b3fd3edc71460fdba

Headers

File Characteristics

Imports

advapi32

wininet

user32

msvcrt

kernel32

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB