7a834902dcb45b1929a2c56de5ee5212

Sharing

Copy URL

Twitter E-mail

General

Target

7a834902dcb45b1929a2c56de5ee5212
Size

65KB
MD5

7a834902dcb45b1929a2c56de5ee5212
SHA1

095234ce42ee8f9646bdcbea08d4bce9bcfda812
SHA256

f0f5d54341da944082d5f9d4ccf7353d02573d129821cdeb5b56cea6a233d3b1
SHA512

47520caff69647d73682956fa42918d57804d583c7f7f1cccc11020af96432f3093b60661a76cee7b8a16dccad2c0988b8acbec8d98463767cf3c62bece8ed27
SSDEEP

1536:AmPnm5r4rrTJywmxmipPfRuIvIoBRyU9t0vRQS5QIOFwhdA:bPm5rCHmxmipPfVBRyUPoUIb0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a834902dcb45b1929a2c56de5ee5212

Files

7a834902dcb45b1929a2c56de5ee5212
.dll windows:1 windows x86 arch:x86

0bfa79d64f80302578cfd78c2465309d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wsock32

WSAAsyncSelect
WSACleanup
WSAStartup
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getsockname
htons
inet_addr
inet_ntoa
listen
recv
send
sendto
socket

wininet

InternetCloseHandle
InternetConnectA
InternetCrackUrlA
InternetOpenA
InternetOpenUrlA
InternetReadFile
HttpOpenRequestA
HttpSendRequestA

shell32

ShellExecuteA

kernel32

ExitProcess
GetComputerNameA
GetEnvironmentStringsA
GetLocalTime
GetProcAddress
CloseHandle
GetTickCount
GetVersionExA
GlobalMemoryStatus
LoadLibraryA
RtlUnwind
CreateFileA
Sleep
TerminateThread
WriteFile
CreateProcessA
CreateThread

advapi32

GetUserNameA

crtdll

_fdopen
_iob
_itoa
_open_osfhandle
_strnicmp
atoi
exit
fclose
fputc
_cexit
localeconv
malloc
memcpy
memmove
memset
pow
raise
rand
setbuf
srand
strcat
strchr
strcmp
strncmp
strncpy
strstr
strtok
strtol
wcslen
wctomb

Exports

Exports

_LibMain@12

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 93KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84B - Virtual size: 84B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE

.edata
Size: 80B - Virtual size: 80B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0bfa79d64f80302578cfd78c2465309d

Headers

File Characteristics

Imports

wsock32

wininet

shell32

kernel32

advapi32

crtdll

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 50KB

.bss Size: - Virtual size: 93KB

.rdata Size: 84B - Virtual size: 84B

.data Size: 6KB - Virtual size: 6KB

.idata Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.edata Size: 80B - Virtual size: 80B

.text
Size: 50KB - Virtual size: 50KB

.bss
Size: - Virtual size: 93KB

.rdata
Size: 84B - Virtual size: 84B

.data
Size: 6KB - Virtual size: 6KB

.idata
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB

.edata
Size: 80B - Virtual size: 80B