Static task
static1
Behavioral task
behavioral1
Sample
63d1869075ef3a19f19fc76c3432ee20.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
63d1869075ef3a19f19fc76c3432ee20.dll
Resource
win10v2004-20231215-en
General
Target
63d1869075ef3a19f19fc76c3432ee20
Size
11KB
MD5
63d1869075ef3a19f19fc76c3432ee20
SHA1
5a4aea1ff4e78b64a2d831b12bd76b0c58c49892
SHA256
6c265bdbe5b6902bf5601ea7c76f4b82ae855b4c594af0953272388df5c05134
SHA512
2e6af40e29260f1b53dbac9b5ccc4cf6099cf7229fbec21e1e935eb4d6bff0ff749b2a97fc6065dd4f1373b51b791cd6a7bd7917c7d049d19ce63548310ef9c6
SSDEEP
192:hFeURudtYLkubwODTK76S06JAfuMXVSuuTRz7Lrpi:TgteblKGSrGGMXVYTx7Lrp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 63d1869075ef3a19f19fc76c3432ee20
Files
63d1869075ef3a19f19fc76c3432ee20.dll windows:4 windows x86 arch:x86
c74da9514144594422f11d5471a6712e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetLastError
WinExec
GlobalMemoryStatus
GetVersionExA
lstrcpyA
DeleteFileA
GetTempPathA
TerminateThread
CopyFileA
GetSystemDirectoryA
lstrcatA
GetLogicalDriveStringsA
GetProcAddress
LoadLibraryA
GetTickCount
CreateThread
lstrcmpA
Sleep
user32
MessageBoxA
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
msvcrt
printf
atoi
strstr
sprintf
fclose
fread
fopen
fprintf
free
_initterm
malloc
_adjust_fdiv
ws2_32
sendto
socket
htons
gethostbyname
inet_addr
send
connect
WSAStartup
setsockopt
WSASocketA
htonl
closesocket
getservbyname
WSAGetLastError
recv
WSACleanup
inet_ntoa
wininet
DeleteUrlCacheEntry
Sections
.data Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 768B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ