75fcf1ff9769dada56de32cd15b6e6b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75fcf1ff9769dada56de32cd15b6e6b1
Size

8KB
MD5

75fcf1ff9769dada56de32cd15b6e6b1
SHA1

d0c0f4127727feb33920e913b12e206bdca21dee
SHA256

704e1a0964f4ba339ed3e805a537ab48ed8c961e78566bc52d054550453dd6cc
SHA512

ff53f516b68125eb83dd8d5cee50e08a57e0c39f54da8e093bc2dad196d8e2799e676545a32e94804a9f3b4c806c866176ea4f9b6307eb148c794b29463894d0
SSDEEP

96:yez+c1EwBB6+XkVgiIvel/cSrl+0fEhnGFJchfAD9T9ZEtEaflL74llCwIBk:Dzpa+UVcXZ5u9T9ZOLZ4jdIi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75fcf1ff9769dada56de32cd15b6e6b1

Files

75fcf1ff9769dada56de32cd15b6e6b1
.dll windows:4 windows x86 arch:x86

0eb171f0cd4551db2092210915704c1b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetPrivateProfileStringA
Sleep
ReadProcessMemory
WriteProcessMemory
CreateThread
GlobalLock
GlobalAlloc
IsBadReadPtr
GetCommandLineA
GetModuleFileNameA
GetCurrentProcess
GlobalFree

user32

SetWindowsHookExA
CallNextHookEx
UnhookWindowsHookEx

wininet

InternetReadFile
InternetCloseHandle
InternetOpenUrlA
InternetOpenA

msvcrt

??2@YAPAXI@Z
_adjust_fdiv
malloc
_initterm
free
strstr
??3@YAXPAX@Z
strrchr
strcpy
sprintf
_stricmp
strlen
memcpy
memset

Exports

Exports

fa
fc

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ