6671ecd829fcc148c186568c90323c5b

Sharing

Copy URL

Twitter E-mail

General

Target

6671ecd829fcc148c186568c90323c5b
Size

176KB
MD5

6671ecd829fcc148c186568c90323c5b
SHA1

bf212f089ed0f9f4d4f0a9a290dc2bd1c1aec292
SHA256

e999679f6595d8e53a25787dbcfd6ec3bd5ea0cbf87da8c0a143bf80102b8d3e
SHA512

3f83881f4de1190044a6c9a25c203dc4c5dea4f94c76ca38a76d65b671ed7027360290140ead6908eae11b8efe127f98f7df82847199b9f9893e540f707b6bc4
SSDEEP

3072:+HMqqDL2/kpzuVCROZcWyIzTXIDxRfyuwJo1dL:+sqqDL6Y8CROqRIzjIDvfIqN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6671ecd829fcc148c186568c90323c5b

Files

6671ecd829fcc148c186568c90323c5b
.dll windows:4 windows x86 arch:x86

12034e98654720720a52155515cfe06b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DuplicateHandle
GetCurrentProcess
CloseHandle
VirtualFreeEx
Sleep
ReadProcessMemory
TerminateProcess
GetExitCodeProcess
SetFileTime
GetFileTime
WriteFile
CreateFileA
lstrcatA
GetSystemDirectoryA
lstrcpyA
FindClose
FindNextFileA
FindFirstFileA
lstrcpynA
ExpandEnvironmentStringsA
lstrcmpA
GetWindowsDirectoryA
ReleaseMutex
GetLastError
CreateMutexA
GetSystemTimeAsFileTime
GetModuleHandleA
GetFileAttributesA
DeleteFileA
GetModuleFileNameA
InitializeCriticalSection
GetTickCount
LeaveCriticalSection
EnterCriticalSection
CreateThread
FreeLibrary
LoadLibraryA
MoveFileExA
WinExec
ReadFile
GetFileSize
TerminateThread
GetExitCodeThread
CreateProcessA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetProcAddress
VirtualAllocEx
VirtualProtectEx
WriteProcessMemory
CreateRemoteThread
lstrlenA
DeleteCriticalSection
GetSystemTime
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
RaiseException
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
SetFilePointer
IsBadCodePtr
IsBadReadPtr
HeapAlloc
HeapReAlloc
HeapFree
RtlUnwind
GetTimeZoneInformation
GetLocalTime
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter

user32

PostQuitMessage
DefWindowProcA
wsprintfA
LoadCursorA
RegisterClassA
DestroyWindow
CreateWindowExA
LoadIconA

advapi32

RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExA

shlwapi

PathIsDirectoryA
PathFileExistsA

ws2_32

WSAIoctl
socket
WSACleanup
WSAStartup
closesocket

wininet

InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetSetOptionA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Exports

Exports

Func
_DllMain@12
regReadString
regWriteString

Sections

.text
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shrd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12034e98654720720a52155515cfe06b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

ws2_32

wininet

Exports

Exports

Sections

.text Size: 163KB - Virtual size: 162KB

shrd Size: 512B - Virtual size: 12B

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 163KB - Virtual size: 162KB

shrd
Size: 512B - Virtual size: 12B

.reloc
Size: 7KB - Virtual size: 7KB