65513bc1f0649d3fd4b1f5c9c429b176

Sharing

Copy URL Twitter E-mail

General

Target

65513bc1f0649d3fd4b1f5c9c429b176
Size

128KB
MD5

65513bc1f0649d3fd4b1f5c9c429b176
SHA1

7da2140fdf5f6cff7bc49a5a16b87a20c3bf2fce
SHA256

aa67526a62087766a73effd563ec81948a971560ff7e1220db01e3c48428474c
SHA512

e3db24aabbecdc9546c2251dc8c7599c1c7879ec0eeea4fb777b839cb3b7a1baebd1d8da341c111c0ded70ea85aeec8e04c608c223ed8a9a4d82275daab90c01
SSDEEP

1536:sz8UOkTTim/StMIte+U2htajPpgycx8z+XT8ukro1V+CsHl75a1Ez3/p+MXYATTO:KOk3pefI+ZYjxgN+JoaCsba1sEke0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65513bc1f0649d3fd4b1f5c9c429b176

Files

65513bc1f0649d3fd4b1f5c9c429b176
.dll windows:4 windows x86 arch:x86

cb0631f6944774b7c506e8dc01367c9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ExitWindowsEx

gdi32

DeleteObject

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

CreateStreamOnHGlobal

ws2_32

listen

shlwapi

StrCmpW

psapi

GetModuleFileNameExA

imm32

ImmReleaseContext

avicap32

capCreateCaptureWindowA

winmm

waveInUnprepareHeader

msvcrt

malloc

kernel32

lstrcatW
GetModuleHandleA
GetProcAddress
VirtualProtect

Exports

Exports

DoMainWork
DoService
ServiceMain

Sections

.text
Size: - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�9��
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�n��
Size: - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�+��
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb0631f6944774b7c506e8dc01367c9d

Headers

File Characteristics

Imports

user32

gdi32

advapi32

shell32

ole32

ws2_32

shlwapi

psapi

imm32

avicap32

winmm

msvcrt

kernel32

Exports

Exports

Sections

.text Size: - Virtual size: 66KB

.rdata Size: - Virtual size: 7KB

.data Size: - Virtual size: 2KB

���� Size: - Virtual size: 4KB

�9�� Size: - Virtual size: 3KB

�n�� Size: - Virtual size: 82KB

�+�� Size: 127KB - Virtual size: 126KB

.reloc Size: 512B - Virtual size: 164B

.text
Size: - Virtual size: 66KB

.rdata
Size: - Virtual size: 7KB

.data
Size: - Virtual size: 2KB

��
Size: - Virtual size: 4KB

�9��
Size: - Virtual size: 3KB

�n��
Size: - Virtual size: 82KB

�+��
Size: 127KB - Virtual size: 126KB

.reloc
Size: 512B - Virtual size: 164B