79cabec3a0bf3f190e436ae836213a73

General

Target

79cabec3a0bf3f190e436ae836213a73
Size

40KB
MD5

79cabec3a0bf3f190e436ae836213a73
SHA1

09cb7c792e6a52d4519b8d205ae6091d5376c89d
SHA256

cbbc3d1ac4ed991f08c7e9f4e78e847a8cfb0a4dec79bea78a11367ff2541d2d
SHA512

907f8f5db123cc6e56bd6a5274e46022284ff7ff7c586866640fd3063a46de0a4fcb00f34dcc32c4ab6329a36dbe70f24b444ae138936a60583cd3ebf8c376f4
SSDEEP

384:s5L253Bx22U0EU3OnR78Q+vOu8kBsCcHSs3nRkh5siLz1zngE00Qc2MzrXOD:s5L2TQ2cR9+vjsXRa5skhrRPrXO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79cabec3a0bf3f190e436ae836213a73

Files

79cabec3a0bf3f190e436ae836213a73
.dll windows:4 windows x86 arch:x86

0069ec2ecf0e6e61a495d4d4f730326e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
HeapAlloc
GetProcessHeap
HeapFree
lstrcpyA
lstrcatA
lstrlenA
lstrcpynA
MultiByteToWideChar
InitializeCriticalSection
DeleteCriticalSection
WaitForSingleObject
WaitForMultipleObjects
CreateThread
LeaveCriticalSection
ResumeThread
EnterCriticalSection
CloseHandle
ReadFile
CreateFileA
PeekNamedPipe
WriteFile
CreateProcessA
CreatePipe
lstrcmpiA
GetSystemTime
GetFileSize
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA
GetFileAttributesA
GetDiskFreeSpaceA
GetDriveTypeA
GetComputerNameA
lstrcmpA
CompareStringA
GetFullPathNameA

user32

wsprintfA
CharUpperA
PostThreadMessageA
PeekMessageA

wsock32

gethostbyname
gethostbyaddr
closesocket
accept
inet_ntoa
listen
bind
htons
socket
send
connect
ioctlsocket
recv
__WSAFDIsSet
select
setsockopt

Exports

Exports

InstallPlugin
PluginVersion
TerminatePlugin

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0069ec2ecf0e6e61a495d4d4f730326e

Headers

File Characteristics

Imports

kernel32

user32

wsock32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 12KB - Virtual size: 11KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 12KB - Virtual size: 11KB

.reloc
Size: 4KB - Virtual size: 1KB