85bbd40e6067b7b69fc7ea8ac46c2b01

General

Target

85bbd40e6067b7b69fc7ea8ac46c2b01
Size

34KB
MD5

85bbd40e6067b7b69fc7ea8ac46c2b01
SHA1

9665dcbd7b6ba0ae24a53c0ba3d0e06b8896d6eb
SHA256

044eaaffc31ab24f1b6bd275050675ce8d1a354be9cded122b7543109212ba78
SHA512

65781d6f532fb5a6eb23c29d845064866fe7705ca4e5da3c3c68c459003c437f2c4b1c1e27f7504ad8dd673dc3da2c664d66150dca890b782dcaebc97679ca06
SSDEEP

768:IdHPvTMyE5JoeF+Ahua8KSgrKVbRWT+gm2eYO:dCecAga8KS+sWq2e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85bbd40e6067b7b69fc7ea8ac46c2b01

Files

85bbd40e6067b7b69fc7ea8ac46c2b01
.dll windows:4 windows x86 arch:x86

d0bd35a43d244545627c537f06ceca12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imagehlp

ImageDirectoryEntryToData

kernel32

GetLastError
FreeLibrary
LoadLibraryA
MoveFileA
DeleteFileA
GetFileAttributesA
lstrcpyA
ExitProcess
GetCommandLineA
GetTickCount
GetSystemDirectoryA
Sleep
CreateFileA
WriteFile
SetFilePointer
lstrlenA
ReadFile
GetSystemTime
lstrcatA
GetFileSize
GetModuleFileNameA
SetLastError
lstrcmpiA
GlobalFree
RtlUnwind
GetProcessId
GetCurrentProcess
WriteProcessMemory
VirtualQuery
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32First
Module32Next
CloseHandle
GetSystemInfo
GetModuleHandleA
GetProcAddress
GlobalAlloc
RaiseException
GetLocalTime
lstrcpynA
GetProcessTimes
CreateProcessA
GetVersionExA
CreateMutexA
OpenProcess
VirtualProtect

user32

wvsprintfA
wsprintfA
CallNextHookEx
UnhookWindowsHookEx
CharLowerA
SendMessageA
SetWindowsHookExA

advapi32

ChangeServiceConfigA
InitializeAcl
IsValidAcl
ControlService
OpenSCManagerA
OpenServiceA
DeleteService
CloseServiceHandle
RegCreateKeyA
RegEnumValueA
RegDeleteValueA
RegCloseKey

Exports

Exports

ControlProc

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0bd35a43d244545627c537f06ceca12

Headers

File Characteristics

Imports

imagehlp

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 5KB - Virtual size: 7KB

Shared Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 5KB - Virtual size: 7KB

Shared
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB