86d6f6f381f1c05d6edc001a882f98aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86d6f6f381f1c05d6edc001a882f98aa
Size

18KB
MD5

86d6f6f381f1c05d6edc001a882f98aa
SHA1

cb59f99460e4649ffd06e97fc60045572584bc2f
SHA256

9a4e541b6526a85ee3bdbd2c040cbea4a0e02cb2c99cb227dbca73e0e4bd01b6
SHA512

74d7eddc04e65c4eb39f053b819b99fa97295c841092e9e6d70121d2eccffa36942665bdabd7bcfeaa6aa59fe6178b90d8e3810ebf9d60aea69aaeb642977068
SSDEEP

384:E/BHo7xX9iGgOa7Pfp+/BRiBZWG5VL3ArCQBL+k7OUXiTPV:EK7TiGgH7PR8BnKVL3A+k7DX+PV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86d6f6f381f1c05d6edc001a882f98aa

Files

86d6f6f381f1c05d6edc001a882f98aa
.dll windows:4 windows x86 arch:x86

fedfc33dcac1807d8e26bf3a6cf34097

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateThread
SetThreadPriority
CreateThread
GetModuleFileNameA
DisableThreadLibraryCalls
EnterCriticalSection
DeleteCriticalSection
GetSystemDirectoryA
CompareStringW
CreateProcessA
WriteFile
GetTempPathA
GetLocalTime
VirtualAlloc
VirtualFree
DeleteFileA
Sleep
CreateFileA
GetLastError
CloseHandle
LoadLibraryA
DebugBreakProcess
GetProcAddress

user32

GetDC
GetCursor

wininet

InternetReadFile
InternetCloseHandle
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA

gdi32

GetPixel

advapi32

OpenSCManagerA
CloseServiceHandle
ControlService
OpenServiceA
DeleteService

msvcrt

_except_handler3
sprintf
memcpy
strcat
strcpy
strrchr
strlen
memset

Exports

Exports

DriverProc
modMessage
modmCallback

Sections

iyihuwf
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ