7cc8d62b3905dc99d34dce225dafdeab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7cc8d62b3905dc99d34dce225dafdeab
Size

12KB
MD5

7cc8d62b3905dc99d34dce225dafdeab
SHA1

f893bc318b2b5b1d801ced7c66c6efc77c448ab3
SHA256

5967d73f1462072620823c097681f1acb29ff3fc157cab619610c1f94cdfdf6b
SHA512

2c7d672f50c68c8795789b50957b7e2c91a3dde914c1fb0b45e5942d9fdf161df74a70d71e6666cd24eeabfb92ee477198f40555f2893a10a990ffc510b1b4fd
SSDEEP

192:9QBa1k2tUA8v5UAQK2Ywl/NpfKGC42G3YO:f9WA8v5UAQKUll1C42G3Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7cc8d62b3905dc99d34dce225dafdeab

Files

7cc8d62b3905dc99d34dce225dafdeab
.dll windows:4 windows x86 arch:x86

ea6a7898b5297865facd991c4035076d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CallNextHookEx
SetWindowsHookExA

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA

msvcrt

_adjust_fdiv
malloc
_stricmp
_initterm
free
strcat
strrchr
??3@YAXPAX@Z
strcpy
??2@YAPAXI@Z
sprintf
strlen
strncpy
strchr
strstr
fclose
fread
fopen
memset
memcpy
strcmp

kernel32

MultiByteToWideChar
Sleep
VirtualProtectEx
GlobalFree
ReadProcessMemory
WideCharToMultiByte
GlobalAlloc
IsBadReadPtr
GetPrivateProfileStringA
GetProcAddress
GetModuleHandleA
CreateThread
GetModuleFileNameA
GlobalLock
GetCurrentProcess

Exports

Exports

fa
fc

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.NB_pck
Size: 512B - Virtual size: 275B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ