67e32d9ee6b580022d7c7450ba1883f1 | Triage

Sharing

General

Target

67e32d9ee6b580022d7c7450ba1883f1
Size

20KB
MD5

67e32d9ee6b580022d7c7450ba1883f1
SHA1

ba5dc773082fe1ad8158a0da2033eddf00ca7e8e
SHA256

a9790cf588cd5692fef55c23142caafa6b8c484e9cac723821d94f12326996b6
SHA512

f8f39b4fd688f41921673a850e3844f2ad7221c7e7b4ffb3f8cd1a9a86aa3848958e1ff0a5282d090166b8f62ac6e285118053a2a69009899718640426db3cad
SSDEEP

384:pK6p1hop8pjx++5R2sng+kUV5OL8FPScJx8/W9aH25Y:Y6p1h3mZsnr5R6/28

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67e32d9ee6b580022d7c7450ba1883f1

Files

67e32d9ee6b580022d7c7450ba1883f1
.dll windows:4 windows x86 arch:x86

e481b3b8193c68b62692ee3eaefb1fd5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
Sleep
lstrcpyA
lstrcatA
lstrcmpA
ExitProcess
lstrcmpiA
lstrlenA
GetTickCount
lstrcpynA
GetPrivateProfileIntA
GetSystemTime
WritePrivateProfileStringA
CloseHandle
ReadFile
CreateFileA
SetFilePointer
GetModuleFileNameA
CreateThread
UnmapViewOfFile
OutputDebugStringA
LoadLibraryA
MapViewOfFile
OpenFileMappingA
GetLastError
CreateMutexA
RtlUnwind

user32

CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
PostThreadMessageA
FindWindowA

wininet

InternetReadFile
HttpQueryInfoA
InternetCloseHandle
InternetOpenA
InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenUrlA

ws2_32

shutdown

Exports

Exports

DivxDecode
Hookoff
Hookon
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
ftsWordBreak

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ