54924f3daba0c9c84755ae2c8b2794e9

Sharing

Copy URL Twitter E-mail

General

Target

54924f3daba0c9c84755ae2c8b2794e9
Size

18KB
MD5

54924f3daba0c9c84755ae2c8b2794e9
SHA1

7a58995ca6bdf6a3f7f5a6fbe0f72b588ff2bb97
SHA256

402bb344feb4b95b45f38fb931316b13d3aac958769303ec4fad4fa9796cdf60
SHA512

730b99325b7b991488d338d47c2ca16ce0d412c1d396756895e08459f3f4b5f19819434bb57c7dcb0c2855ac56b3177b871c6cdd8860eba8cb1aa66b2a2985e9
SSDEEP

384:PNG+7+UES7ds1b7cVeQjv2nkyJdIOBkWh4:4UES7EcVfjv2n1d5B3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54924f3daba0c9c84755ae2c8b2794e9

Files

54924f3daba0c9c84755ae2c8b2794e9
.dll windows:4 windows x86 arch:x86

c90ba5f984e9941c8c0987e1cf816a64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42u

ord5180
ord1971
ord825
ord823
ord861
ord1568
ord665
ord354
ord800
ord540

msvcrt

wcslen
__dllonexit
_onexit
__CxxFrameHandler
wcscpy
strncpy
wcsncpy
free
_initterm
malloc
_adjust_fdiv
_itow

kernel32

CloseHandle
MultiByteToWideChar
GetComputerNameW
Process32NextW
GetModuleHandleW
FreeConsole
CreateThread
Sleep
GetLastError
Process32FirstW
GetCommandLineW
TerminateProcess
GetModuleFileNameW
MoveFileExW
GetOEMCP
GetExitCodeProcess
WriteFile
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte

user32

PeekMessageW
wsprintfW

advapi32

RegisterServiceCtrlHandlerW
RegDeleteKeyW
SetServiceStatus

shell32

ShellExecuteW

ws2_32

WSAGetLastError
recv
send
shutdown
htons
WSAStartup
socket
closesocket
gethostbyname
inet_ntoa
inet_addr
setsockopt

msvcirt

?cin@@3Vistream_withassign@@A
?endl@@YAAAVostream@@AAV1@@Z
??6ostream@@QAEAAV0@PBX@Z
?cerr@@3Vostream_withassign@@A
??6ostream@@QAEAAV0@H@Z
??6ostream@@QAEAAV0@PBD@Z
?cout@@3Vostream_withassign@@A
??5istream@@QAEAAV0@AAH@Z

Exports

Exports

ServiceMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 864B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c90ba5f984e9941c8c0987e1cf816a64

Headers

File Characteristics

Imports

mfc42u

msvcrt

kernel32

user32

advapi32

shell32

ws2_32

msvcirt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 864B - Virtual size: 850B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 864B - Virtual size: 850B