976a5f6b1b2cc281d2f66bfb9776fdd6

Sharing

Copy URL Twitter E-mail

General

Target

976a5f6b1b2cc281d2f66bfb9776fdd6
Size

27KB
MD5

976a5f6b1b2cc281d2f66bfb9776fdd6
SHA1

84c7b41a9ff6ac0ea44513181b650f8936633cd6
SHA256

c069c81b858b097dcc4c9f27ed6bbeee08958240599356475cb9a113e4f1edde
SHA512

40439c2a6502e19773879e72c0eeed09fccbd280efc0d3b851039c5348eef13c96d7660449129dcb7a80cb7e97665aaf2f0e6368b07f9926717e700608f55c9c
SSDEEP

384:myLPNY3dMG9rm/z51KCYiBq1duD9mjgk3xl4OdWzJrNb361bpy8p9tqh2+I1Gp:mcN6Msq/yLEmHb4rvO102tS2nGp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
976a5f6b1b2cc281d2f66bfb9776fdd6

Files

976a5f6b1b2cc281d2f66bfb9776fdd6
.dll windows:6 windows x86 arch:x86

d9bb36b8e92b40f65724e6a168f9f00a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
SetFileAttributesA
GetModuleHandleA
lstrlenW
GetFileAttributesA
WideCharToMultiByte
SetUnhandledExceptionFilter
lstrlenA
GetModuleFileNameA
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
UnhandledExceptionFilter
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent

advapi32

RegOpenKeyA
RegSetValueExA
RegCloseKey

msvcp140

?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z

wininet

InternetReadFile
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle
HttpSendRequestA

urlmon

URLDownloadToFileA

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
strstr
_except_handler4_common
__std_type_info_destroy_list
memcpy
__std_terminate
memmove
__CxxFrameHandler3
memset

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_initterm_e
_execute_onexit_table
_crt_atexit
_beginthread
_register_onexit_function
_seh_filter_dll
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_initialize_narrow_environment

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsnprintf_s

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9bb36b8e92b40f65724e6a168f9f00a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

msvcp140

wininet

urlmon

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 1KB