8c15e7960361c3716ef69c80d9b9cfb6

Sharing

Copy URL Twitter E-mail

General

Target

8c15e7960361c3716ef69c80d9b9cfb6
Size

128KB
MD5

8c15e7960361c3716ef69c80d9b9cfb6
SHA1

fefe9bdc91c99cd2a351e9d5f99117fbf822ebec
SHA256

093973f9e35545b6fd19958521eafd1c329d4687db960bdf314b270a30536800
SHA512

89453f5ee7df9c05873e6a1c70615d57a6887ca73c5546b8517954d8ffb87292c6140b89114035dfe8023adf8158b2a43cdc5fd02c214a7a8631a3e51a7cbf0f
SSDEEP

1536:dpk2aGOt7bf9aApYh2qlFyf4TdoH/Tvly451Z27oTI6Ql2e:dpUH5zF27obQl2e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c15e7960361c3716ef69c80d9b9cfb6

Files

8c15e7960361c3716ef69c80d9b9cfb6
.dll windows:4 windows x86 arch:x86

f7f91da095fda1ef376ec23aacb4585b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
OpenProcess
lstrcatA
Sleep
GetSystemDirectoryA
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
RtlUnwind
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
CreateFileA
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
SetEnvironmentVariableA
CompareStringW
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetLastError
CloseHandle
InitializeCriticalSection
WriteFile
ExitProcess
CreateThread
ReadFile
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
SetFilePointer
InterlockedIncrement
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
HeapAlloc

user32

SetWindowsHookExA
CallNextHookEx
ToAscii
GetKeyState
GetKeyboardState
ReleaseDC
ClientToScreen
GetWindowDC
GetDesktopWindow
GetWindowTextA
ScreenToClient
PtInRect
ExitWindowsEx
GetWindowLongA
GetActiveWindow

gdi32

GetPixel

advapi32

OpenProcessToken
RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegSetValueExA

ws2_32

WSACleanup
socket
htons
inet_addr
connect
closesocket
send
recv
gethostname
inet_ntoa
WSAStartup
gethostbyname

Exports

Exports

insthook

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

shared
Size: 4KB - Virtual size: 981B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7f91da095fda1ef376ec23aacb4585b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 74KB

shared Size: 4KB - Virtual size: 981B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 74KB

shared
Size: 4KB - Virtual size: 981B

.reloc
Size: 4KB - Virtual size: 3KB