8d692dbb9dfe18f07b6e3404c0957339

Sharing

Copy URL Twitter E-mail

General

Target

8d692dbb9dfe18f07b6e3404c0957339
Size

22KB
MD5

8d692dbb9dfe18f07b6e3404c0957339
SHA1

621b5a7a9cd4ccb1d20df88851d2d71cf7e30b4f
SHA256

dd2121bcd75e91bc4ecfa00fb5b4bb184f12f62f617da74751e0cba79866e5d7
SHA512

287301747ec6f6e7c16e98b08128433a8369fffedbadebb267e7abdee1476de00906d7825134d482bfbbb333b44940eda0e9100ca7af3f82f7538932ce5a6f04
SSDEEP

384:zWFeGKAbrAq7YSA0Rj5tFQnKsn9harNcb7eeiqkSk:zWFTbEHqjQnKs9harEe3zj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d692dbb9dfe18f07b6e3404c0957339

Files

8d692dbb9dfe18f07b6e3404c0957339
.dll windows:4 windows x86 arch:x86

d3b272cf98cf5c3035a64fe21a36639b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
MapViewOfFile
CloseHandle
UnmapViewOfFile
GetCurrentProcess
GetVersionExA
CreateEventA
lstrlenA
GetModuleFileNameA
SetSystemTime
FreeLibrary
lstrcatA
GetSystemDirectoryA
DeviceIoControl
CreateFileA
WriteFile
LockResource
SizeofResource
LoadResource
FindResourceA
OpenProcess
WaitForSingleObject
lstrcpynA
Sleep
GetLastError
ReadProcessMemory
WriteProcessMemory
GetTickCount
GetTempPathA
CreateThread
LoadLibraryA
GetProcAddress
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
Process32Next
lstrcmpiA
GetSystemTime
ExitProcess

user32

GetDlgItem
GetWindowTextA
FindWindowExA
GetWindowThreadProcessId
IsWindow
SetWindowsHookExA
CallNextHookEx
wsprintfA
MessageBoxA

advapi32

RegNotifyChangeKeyValue
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
DeleteService
OpenServiceA
StartServiceA
ControlService
OpenSCManagerA
RegCloseKey

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss1
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3b272cf98cf5c3035a64fe21a36639b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 1KB

.bss1 Size: 512B - Virtual size: 60B

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 1KB

.bss1
Size: 512B - Virtual size: 60B

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 1KB - Virtual size: 1KB