8be2a4de188157b347a332869bad5c5b

Sharing

Copy URL Twitter E-mail

General

Target

8be2a4de188157b347a332869bad5c5b
Size

30KB
MD5

8be2a4de188157b347a332869bad5c5b
SHA1

858e1b081b2eaf5ff031d894dd67e5b329fe1940
SHA256

d32195dd1c601894b31a7f8fea99308377a1393ecebf0a05fd46f2c185bbedaa
SHA512

6a3f493306bf0ddc98847b507edbb50ac3d9394062f006d0a6d9286b499d75f7fd06353e374eb574562a0573cd2d03c8156e441a0a8bf3862847406b5acc917f
SSDEEP

768:f91DMytlNu7LJiDFAKBdcFk4w0fhgMEC4G+:f9RMy34MuM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8be2a4de188157b347a332869bad5c5b

Files

8be2a4de188157b347a332869bad5c5b
.dll windows:4 windows x86 arch:x86

ec57ec39fe2f1b1a46d6d3f56d20ed13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadPriority
GetPrivateProfileStringA
GetModuleHandleA
ReadProcessMemory
SetUnhandledExceptionFilter
SetThreadContext
OpenThread
GetProcAddress
ReadFile
CreateFileA
Thread32Next
GetThreadPriority
Thread32First
CreateToolhelp32Snapshot
WideCharToMultiByte
MultiByteToWideChar
TerminateProcess
CreateProcessA
GetModuleFileNameA
VirtualAlloc
LoadLibraryA
ExitProcess
WaitForSingleObject
GetCurrentThreadId
GetCurrentProcess
GetCurrentThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualProtect
SetFilePointer
WriteFile
DeleteFileA
VirtualProtectEx
WriteProcessMemory
CloseHandle
GetCurrentProcessId
CreateMutexA
GetLastError
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCommandLineA
IsBadReadPtr
TerminateThread
GetSystemDirectoryA
CreateThread

user32

GetWindowThreadProcessId
GetWindowTextA
GetForegroundWindow
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
FindWindowA

wininet

InternetCloseHandle
InternetReadFile

msvcrt

??3@YAXPAX@Z
_strcmpi
_strlwr
_stricmp
wcslen
strcmp
fopen
fread
fclose
strstr
??2@YAPAXI@Z
memcpy
strrchr
memset
strcat
sprintf
strcpy
strlen
atoi
_strupr
strncpy
strchr

Exports

Exports

rrr
sss

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdt
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec57ec39fe2f1b1a46d6d3f56d20ed13

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 14KB

sdt Size: 512B - Virtual size: 4B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 14KB

sdt
Size: 512B - Virtual size: 4B

.reloc
Size: 3KB - Virtual size: 2KB