966fc96a5de0cfad769451362a9d27ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

966fc96a5de0cfad769451362a9d27ea
Size

6KB
MD5

966fc96a5de0cfad769451362a9d27ea
SHA1

c1a1d6b2e29e1ac1ea19dc97f93a0ce04a9295b8
SHA256

81769f91daabf5369cc46239f972bdec3ea7d963d1fd5cde663a5fe3a162ea8e
SHA512

3ca0b8aa5fcf0b67c3a35042b17140715b187fb625571f4b9895406b30bfe56058d583b2c599ed155caf806532203fc3c9ad512a573bd170200799d7b7aa7f79
SSDEEP

96:Z1aRn2xowhWUUjHJv8yqkJCH4bGYHYC9ZO9LfdNm8/8e5PuJEiAHr2l:+RVwhWhAkZKkzZUdT9gylHr2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
966fc96a5de0cfad769451362a9d27ea

Files

966fc96a5de0cfad769451362a9d27ea
.dll windows:1 windows x86 arch:x86

e041c95aadc873e8c64d630a2abb5b0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

GetUserNameA

kernel32

CloseHandle
CreateFileA
CreateRemoteThread
CreateThread
DeleteFileA
GetFileSize
GetLocalTime
GetProcAddress
GetTempPathA
GlobalAlloc
GlobalFree
LoadLibraryA
OpenProcess
ReadFile
SetCurrentDirectoryA
SetFilePointer
Sleep
VirtualAllocEx
WinExec
WriteFile
WriteProcessMemory

user32

CallNextHookEx
FindWindowA
GetForegroundWindow
GetKeyboardState
GetWindowTextA
GetWindowThreadProcessId
MessageBoxA
SetWindowsHookExA
ToAscii
wsprintfA

wsock32

WSACleanup
WSAStartup
closesocket
connect
htons
inet_addr
recv
send
socket

wininet

InternetGetConnectedState

Exports

Exports

myshit
sendm

Sections

500mhz
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

500mhz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE