67c636660c081fe327bf6495da7e87d7

Sharing

Copy URL Twitter E-mail

General

Target

67c636660c081fe327bf6495da7e87d7
Size

21KB
MD5

67c636660c081fe327bf6495da7e87d7
SHA1

1949292798ed9f40de708480053b15810c38649c
SHA256

199ac523688dd2bbc4434513091a3492d28d3251014fa128a37fa418110bc78b
SHA512

4e6a09344283c6ffe990f082a065648ea547e2279a09db1af6c7ffa9ebd6e9156a07f3ed75e285c4201528568de4e0ad14c78c272b08280bce5844d768ca8207
SSDEEP

384:US3SL3xZUWqHX624fKMSM1nwuObLz6JBvNsZ:UKSLgHXp4fnwuO/z6JBFO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67c636660c081fe327bf6495da7e87d7

Files

67c636660c081fe327bf6495da7e87d7
.dll windows:4 windows x86 arch:x86

b3054455fcae087fddcf94c5990a35ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetTempFileNameA
GetTempPathA
GetProcAddress
GetModuleHandleA
MulDiv
GetTickCount
CloseHandle
WriteFile
ReadFile
CreateFileA
WaitForMultipleObjects
WaitForSingleObject
DeleteFileA
ReleaseMutex
SetFilePointer
GetModuleFileNameA
InterlockedExchange
RtlUnwind
GetFileTime
lstrlenA
CreateProcessA
ExitThread
CreateThread
GetLastError
SetEvent
GlobalAlloc
lstrcpynA
lstrcpyA
VirtualQuery
CreateEventA
GlobalFree

user32

RegisterWindowMessageA
SetDlgItemTextA
MessageBoxA
wsprintfA
DestroyWindow
GetTopWindow
CallWindowProcA
CharLowerBuffA
PeekMessageA
TranslateMessage
DispatchMessageA
MsgWaitForMultipleObjects
SetWindowTextA
SendMessageA
GetDlgItem
GetFocus
IsWindowVisible
ShowWindow
GetClientRect
GetWindowRect
CreateWindowExA
GetWindowLongA
EnableWindow
CloseWindow
SetWindowLongA

advapi32

RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA

wininet

InternetConnectA
InternetOpenA
InternetCloseHandle
InternetReadFile
InternetSetFilePointer
InternetCrackUrlA
FindCloseUrlCache
FindFirstUrlCacheEntryA
HttpOpenRequestA
HttpSendRequestA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

one
three
two

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3054455fcae087fddcf94c5990a35ce

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

version

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 612B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 612B

.reloc
Size: 2KB - Virtual size: 1KB