acaa1cdbb5d294c8b212403e14530e8b

General

Target

acaa1cdbb5d294c8b212403e14530e8b
Size

78KB
MD5

acaa1cdbb5d294c8b212403e14530e8b
SHA1

127ec98160f160f852bf97423478813d56712032
SHA256

5810cf6d46c4a99c0d1f806f424ad847df21206c9f34744b30b6fdafc59857bd
SHA512

46b1d63b4078797c482d3c567ac669f9b530a8f01a111b4c365058acff861f94f578558d6825d81df20e8f56b00663765995a66cd5bf455646abf73082acdd5f
SSDEEP

1536:vaQNp6uybtKnO1y/4dJ4PVg2Gcb/6wyuEd00FckyCBTQNyg2v3uIssbF6KKm:vdeVogUPCNcbiwTByy7yg22deF6KK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acaa1cdbb5d294c8b212403e14530e8b

Files

acaa1cdbb5d294c8b212403e14530e8b
.dll windows:5 windows x86 arch:x86

c366224a66a941ea579ef3204501285e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

GetModuleFileNameExA

ntdll

isspace
tolower
memset
_chkstk
NtQueryInformationProcess

ws2_32

WSAStartup
ioctlsocket
inet_addr
select
WSAGetLastError
setsockopt
sendto
recv
shutdown
__WSAFDIsSet
gethostbyname
send
WSASocketA
htons
closesocket
WSASetEvent
inet_ntoa
ntohs
socket

kernel32

GetModuleHandleA
VirtualFree
GetTempPathA
GetTempFileNameA
lstrcmpA
SetThreadPriority
ExitThread
ReadFile
GetVolumeInformationA
WriteFile
GetTickCount
lstrcpynA
SetFilePointer
GetFileSize
CreateFileA
GetComputerNameA
VirtualProtect
VirtualQuery
GetVersionExA
CreateEventA
CreateMutexA
ResetEvent
GetExitCodeThread
EnterCriticalSection
VirtualAlloc
SetLastError
GetLastError
LeaveCriticalSection
GetCurrentThread
QueueUserAPC
DisableThreadLibraryCalls
lstrlenA
GetCurrentProcess
GetProcessHeap
InitializeCriticalSection
OpenProcess
Thread32First
Thread32Next
lstrcatA
lstrcmpiA
GetProcAddress
LoadLibraryA
OpenThread
OpenMutexA
GetSystemInfo
GetModuleFileNameA
WaitForSingleObject
CreateToolhelp32Snapshot
DeleteCriticalSection
GetCurrentThreadId
DuplicateHandle
CloseHandle
GetCurrentProcessId
SuspendThread
ResumeThread
lstrcpyA
HeapAlloc
HeapFree
Sleep

user32

wsprintfA

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c366224a66a941ea579ef3204501285e

Headers

DLL Characteristics

File Characteristics

Imports

psapi

ntdll

ws2_32

kernel32

user32

Sections

.text Size: 67KB - Virtual size: 66KB

.data Size: 6KB - Virtual size: 85KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 67KB - Virtual size: 66KB

.data
Size: 6KB - Virtual size: 85KB

.reloc
Size: 3KB - Virtual size: 3KB