7977134fd097cc7307df764f359895ca

General

Target

7977134fd097cc7307df764f359895ca
Size

15KB
MD5

7977134fd097cc7307df764f359895ca
SHA1

7c1c87a4048c89564cccb30255445ee1a22a982a
SHA256

1fd85b87d572d4758b7a26da4f4c1c769333c742bd0ba20b487049fe8fa168f6
SHA512

cb3ab93940018f6f3bcb954817cb07689d48a0b811a3a048b690b247b2c5052fe73238b2238ece50fb277cd76826e1a0d62781868425513ddabc57f6884f10c6
SSDEEP

192:nR0LMmI7CXiCA2CkCBhuFbKKIbEkHezv609K6zlhT0t:RXrWS2CBhuFeFY+atHzlF6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7977134fd097cc7307df764f359895ca

Files

7977134fd097cc7307df764f359895ca
.dll windows:4 windows x86 arch:x86

f431412c4603968477961a70cd0ecdbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
GetProcAddress
GetModuleHandleA
FindClose
FindNextFileA
lstrcpynA
lstrcpyA
lstrcmpA
FindFirstFileA
VirtualProtectEx
LoadLibraryA
Module32Next
Module32First
ReadFile
VirtualFreeEx
CreateRemoteThread
CreateThread
Sleep
WinExec
TerminateProcess
GetCurrentProcess
GetCurrentProcessId
OpenProcess
CreateMutexA
GetLastError
ReleaseMutex
GetSystemDirectoryA
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
lstrlenA
WaitForSingleObject
CreateFileA
WriteFile
CloseHandle
GetTempPathA
GetModuleFileNameA

user32

ToAscii
MapVirtualKeyA
SetThreadDesktop
OpenDesktopA
SetProcessWindowStation
OpenWindowStationA
wsprintfA

advapi32

OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA

shlwapi

StrStrIA

wininet

InternetCloseHandle

msvcrt

??3@YAXPAX@Z
strcmp
_purecall
memcpy
??2@YAPAXI@Z
strstr
strncat
strcat
memset
strcpy
sprintf

Sections

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f431412c4603968477961a70cd0ecdbc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

wininet

msvcrt

Sections

.bss Size: - Virtual size: 18KB

.data Size: 12KB - Virtual size: 11KB

.reloc Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 18KB

.data
Size: 12KB - Virtual size: 11KB

.reloc
Size: 2KB - Virtual size: 1KB