662681c430571417f02612935be5e386 | Triage

Sharing

General

Target

662681c430571417f02612935be5e386
Size

18KB
MD5

662681c430571417f02612935be5e386
SHA1

40f80b05a57ba07a5c1e11c1fe3a51ebef868327
SHA256

7f39ee59392e9df144b18a4e70b7183a7f728503c54c528eef630820c2e9024f
SHA512

c75383fa290a914a3adaeb59435a803019a56da400e3767da67b8c0e3f5d7809a93b02497976a781f8f3bb208964fa325786e26acc2269790fde013831f70ee0
SSDEEP

384:kJR/jHVeeLfgPqc+urDZRQcNtNg+T2a9IXXiKWfW:kD/zV7kCBuffc+ia9KXnW+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
662681c430571417f02612935be5e386

Files

662681c430571417f02612935be5e386
.dll windows:4 windows x86 arch:x86

a06f3576d3d140f5260316651d436c1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetTempPathA
GetLocalTime
GetLastError
DeleteFileA
GetSystemDirectoryA
CreateFileA
SetThreadPriority
CreateThread
GetModuleFileNameA
DisableThreadLibraryCalls
VirtualAlloc
VirtualFree
WriteFile
CloseHandle
CreateProcessA
LoadLibraryA
TerminateThread
GetProcAddress

wininet

InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle

advapi32

ControlService
OpenServiceA
DeleteService
OpenSCManagerA
CloseServiceHandle

msvcrt

strcat
sprintf
strlen
memset
strcpy
_except_handler3
memcpy
strrchr

Exports

Exports

DriverProc
modMessage
modmCallback

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ