8d88600aa9134d45bc78a569ec86c9e5

General

Target

8d88600aa9134d45bc78a569ec86c9e5
Size

99KB
MD5

8d88600aa9134d45bc78a569ec86c9e5
SHA1

c7ac8889ed24ee8b9187d5c42e2478722b2f1ebb
SHA256

9031794790f6434823bdb210dcdad8458fd29fea61debe9f326a7016b7d64fb1
SHA512

fcd9f1e58260bed8d6fdcea4e2a8f4f6a6ec1371fc984c3b5802934d63579c35a255ca2765973220b88fd07117a0e34aa09ca97e10b58400542c6923b7813f91
SSDEEP

384:xTCj1v5uXnG1EuwHnyfgUrhGbcakZzgYk:xT21v5CGiHy4UrhGAak1m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d88600aa9134d45bc78a569ec86c9e5

Files

8d88600aa9134d45bc78a569ec86c9e5
.dll regsvr32 windows:4 windows x86 arch:x86

0aa80ee85054532988613f715c462396

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
LoadLibraryA
VirtualAlloc
GetModuleFileNameA
GetSystemInfo
GetLastError
GetVersionExA
GetModuleHandleA
VirtualQuery
OpenProcess
CloseHandle
GetCurrentProcess
GetCurrentProcessId
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
OpenFileMappingA
CreateThread
Sleep
ReadFile
SetFilePointer
TerminateProcess
DeleteFileA
GetWindowsDirectoryA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

msvcrt

_initterm
calloc
__dllonexit
malloc
_adjust_fdiv
_onexit
realloc
fopen
fseek
ftell
fgets
fclose
atoi
??2@YAPAXI@Z
_strdup
free
sprintf
__CxxFrameHandler
??3@YAXPAX@Z

user32

GetWindowTextA
SetWindowsHookExA
GetWindowThreadProcessId
GetClassNameA
EnumWindows
CallNextHookEx

wininet

InternetCloseHandle
InternetOpenUrlA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetReadFile
InternetCrackUrlA
InternetOpenA

ws2_32

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
MyCallCBTProc

Sections

Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0aa80ee85054532988613f715c462396

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

wininet

ws2_32

Exports

Exports

Sections

Size: 96KB - Virtual size: 96KB

Size: 1024B - Virtual size: 4KB

.avc Size: 1KB - Virtual size: 4KB

.avc
Size: 1KB - Virtual size: 4KB