7f6665f6c44914194c0bc31f33bd1985 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f6665f6c44914194c0bc31f33bd1985
Size

9KB
MD5

7f6665f6c44914194c0bc31f33bd1985
SHA1

a8f21c91a18c13da834de7b377401505d8ee5113
SHA256

90a4e4d28638a054b84e8ddd0c0989365168748d3498b3c548b2f96366b9716b
SHA512

d72f45d87ccf7cfa33ba20aef358aa99e9fc2999e8b1476297a1d3bc77eeb02107521fc079aebd1d15d30c7fdb6ec914013030ad0f2fefc858b7335fcd7ea50f
SSDEEP

192:iKt++Lr/1KtzNmsmMfsZtUs4JlDcA9yJR1duh9JFQI7K:iB+tKtpLmMfsjUFrcA9UR6h9rx7K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f6665f6c44914194c0bc31f33bd1985

Files

7f6665f6c44914194c0bc31f33bd1985
.dll windows:4 windows x86 arch:x86

00dfdb56b0a3ec7ec1c7c355d12ce665

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnmapViewOfFile
GetSystemDirectoryA
ExitProcess
Sleep
GetLastError
DeleteFileA
FreeLibrary
ExitThread
DisableThreadLibraryCalls
OutputDebugStringA
WinExec
LoadLibraryA
CloseHandle
MapViewOfFileEx
CreateFileMappingA
lstrcmpA
VirtualProtect
HeapReAlloc
HeapAlloc
MapViewOfFile
CreateFileA
lstrcmpiA
lstrcpyA
GetProcessHeap
HeapFree
GetModuleHandleA
GetModuleFileNameA
lstrlenA
GetProcAddress
CreateThread

user32

GetDesktopWindow
RegisterClassA
RegisterClassExA
DefWindowProcA
CreateWindowExA
ShowWindow
GetMessageA
DispatchMessageA
TranslateMessage
wvsprintfA
wsprintfA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegOpenKeyExA
RegSetValueExA

wininet

InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable
HttpQueryInfoA
InternetOpenUrlA
InternetCanonicalizeUrlA
InternetOpenA

Exports

Exports

HookIAT

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ