aa83cd91e7d54136b5592ea943c8b7d4 | Triage

Sharing

General

Target

aa83cd91e7d54136b5592ea943c8b7d4
Size

20KB
MD5

aa83cd91e7d54136b5592ea943c8b7d4
SHA1

1bbc600b9b1f65c1433cf94c9f874ec3cc30ef94
SHA256

0e4e4f59f694ab26cd5025b26ed6bb766fec44248643977f7c6772b0125940a9
SHA512

b352cdcc55e8fadd50a21935b7bcff39f7085429cab0b57b83587e76cc5a7d99d5edc633e5fd0c36daa9d8e83bf485ef95fa910c106b1f81642472503fc56017
SSDEEP

384:WNjP0muqbc2NTerk3/o5NY4Moooooooxoo6ooooooooooooooooJooootKvoooor:WNjfuqrBbo5m4Ni0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa83cd91e7d54136b5592ea943c8b7d4

Files

aa83cd91e7d54136b5592ea943c8b7d4
.dll windows:4 windows x86 arch:x86

ab5ebb27aee8aedd7ddba2801981364d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

recv
closesocket
send
gethostbyname
htons
socket
connect
WSAStartup
WSACleanup

kernel32

GetTempFileNameA
OpenEventA
SetEvent
VirtualQuery
Sleep
GetTickCount
CloseHandle
GetLastError
CreateMutexA
lstrcatA
lstrlenA
GetWindowsDirectoryA
GetSystemDirectoryA
lstrcmpiA
lstrcpyA
lstrcpynA
GetSystemTime
WinExec
GlobalFree
GlobalAlloc
lstrcmpA
DeleteFileA
RtlUnwind
GetTempPathA
GetModuleFileNameA
WriteFile
CreateFileA
CreateProcessA
FileTimeToSystemTime
FindClose
FindFirstFileA
GetComputerNameA
ExitProcess
CreateThread

user32

CallNextHookEx
SetWindowsHookExA
SendMessageA
CharLowerA
wsprintfA

advapi32

RegSetValueExA
RegCreateKeyA
RegQueryValueExA
RegCloseKey

Exports

Exports

Activate

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ