7c1bd9e498e0b4b9a596992523bb2d95 | Triage

Sharing

General

Target

7c1bd9e498e0b4b9a596992523bb2d95
Size

7KB
MD5

7c1bd9e498e0b4b9a596992523bb2d95
SHA1

50554169be6aad717dc75529e1aeb14acb86f851
SHA256

d53c1befa718cb1818fac9756b9fddab267c8b46d8ae30d3ea266ffccf67ee10
SHA512

8296c3f9ff71eaa4089e910b0a538f820bc8040068df970ac46b15d12b864ca6b8229030a553cc5517671af3c3a373b7bd8fdeb46ccc7321ed83811e4f4fe467
SSDEEP

96:VMSlbcjxipiypRgHMzaC4dS2li+yLVJOJmqkwgBE6:zcQpiQsPiDVgJmq0x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c1bd9e498e0b4b9a596992523bb2d95

Files

7c1bd9e498e0b4b9a596992523bb2d95
.dll windows:4 windows x86 arch:x86

6fb7acdba64eca47643fdb07f4407298

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetComputerNameA
WriteProcessMemory
ReadProcessMemory
GetCurrentProcessId
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
Sleep
GetCurrentProcess
ExitProcess

user32

GetWindowThreadProcessId
GetWindowTextA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
FindWindowA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

sprintf
_adjust_fdiv
malloc
_initterm
free
memcpy
strchr
strncpy
strrchr
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
_stricmp
strcmp
strcat
strcpy
strlen

Exports

Exports

fa
fc

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdat
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ