731e3fa2a5633f0829b27e0145e45a27

General

Target

731e3fa2a5633f0829b27e0145e45a27
Size

39KB
MD5

731e3fa2a5633f0829b27e0145e45a27
SHA1

28b2b142ad6883032e4a28c02fce97e46406ea53
SHA256

bddb5b935c9cf037b5e49a555f1cd79c895ec9b92e25eeb9f2604285b7bf4fd7
SHA512

d494b733a9d23b5bfd86c9403c2ef306090b4fd1810173dd13e22e18bc199e479d627bf3eb8041414f8643458c0befa0cc011d55f93a7255e0c8de9d496ca3ae
SSDEEP

768:/aho0iz/CyeSb45UteMdLhWnqNiG9JVl1QfGZA09ddB5:yhoN/H62RRhWMVlufGnv5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
731e3fa2a5633f0829b27e0145e45a27

Files

731e3fa2a5633f0829b27e0145e45a27
.dll windows:4 windows x86 arch:x86

deedbf618bd40ba71d9e3acd5d2425ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
GetFileSize
ReadFile
GetEnvironmentVariableA
GetProcAddress
LoadLibraryA
CloseHandle
MoveFileExA
FreeLibrary
WaitForSingleObject
CreateProcessA
CopyFileA
GetTempFileNameA
GetModuleFileNameA
LoadLibraryExA
CreateMutexA
ReleaseMutex
GetTempPathA
DeleteFileA
ExitProcess
GetModuleHandleExA
GetCommandLineA
Sleep
ExitThread
CreateDirectoryA
GetLastError
OpenMutexA
GetCurrentProcessId
CreateThread
GetVolumeInformationW
GetSystemTime
CreateMutexW
CompareFileTime
GetSystemTimeAsFileTime
WaitNamedPipeW
WriteFile
CreateFileW
ConnectNamedPipe
CreateNamedPipeW
CreateEventA
GetSystemDirectoryA
DisconnectNamedPipe
SetFilePointer
GetTickCount
LoadLibraryW
VirtualProtect
RaiseException
InterlockedExchange
LocalAlloc

user32

GetMessageW
CallNextHookEx
SetWindowsHookExA

msvcrt

free
malloc
strlen
strcat
memcpy
memset
strncat
strncmp
strstr
strcpy
strchr
strrchr
??2@YAPAXI@Z
memmove
strcmp
wcscmp
memcmp
atoi
strncpy
rand
srand
??3@YAXPAX@Z
_initterm
_adjust_fdiv
_itoa
_strlwr
_except_handler3

Exports

Exports

DllInstall
InitCommon
InitService
StartProt

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mysec
Size: 512B - Virtual size: 123B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

deedbf618bd40ba71d9e3acd5d2425ca

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 5KB

.mysec Size: 512B - Virtual size: 123B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 5KB

.mysec
Size: 512B - Virtual size: 123B

.reloc
Size: 3KB - Virtual size: 2KB