b40280f7fd33489611238f10a6da48d2

General

Target

b40280f7fd33489611238f10a6da48d2
Size

18KB
MD5

b40280f7fd33489611238f10a6da48d2
SHA1

47756af9c42429c52929efde03355b9c0bfbea1e
SHA256

b3dff8ca3101fc7cb535701850790d93936ca03ebc973ced065b80743d8e564b
SHA512

aecc92f9c5f04aef0795825e4f18eacb19cb2e10368a2ffa2488e53e692bae257cc21da5b626d37d36d64380efd4f73c8a73624c079179f30886bde2bdc0d71a
SSDEEP

384:3lHqoDuyvF8VYq0Ks4aZUoOmzhd+3ODgu822qg5by9UK:1HOGKs4aZUngebu82WbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b40280f7fd33489611238f10a6da48d2

Files

b40280f7fd33489611238f10a6da48d2
.dll windows:4 windows x86 arch:x86

19a8247f7b122bdbe9b717840b6c0722

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
CloseHandle
CreateFileW
ReadFile
WriteFile
GetFileSize
GetSystemDirectoryW
GetWindowsDirectoryW
WritePrivateProfileStringW
GetPrivateProfileStringW
CreateThread
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GlobalFree
DeleteCriticalSection
FindClose
FindFirstFileW
FindNextFileW
Sleep
LoadLibraryW
MoveFileExW
DeleteFileW
FreeLibrary
GetProcAddress
WaitForSingleObject
RemoveDirectoryW
GlobalAlloc
GetVersionExW
GetModuleFileNameW
CreateDirectoryW
GetVolumeInformationW
GetLastError
CreateMutexW
LoadLibraryA
VirtualProtect
VirtualAlloc
VirtualFree
CancelIo
ExitProcess
VirtualQuery

��⨠�

GetDesktopWindow
ValidateRect
CreateDesktopW
ord6
ord19
ord52
ord23
ord9
ord4
WSAIoctl
ord18
ord16
ord21
ord3
ord115
_stricmp
memmove
memcpy
wcscpy
wcscat
wcsrchr
strstr
strcpy
_wcslwr
wcsstr
memset
wcscmp
wcschr
_wcsnicmp
_wcsicmp
wcslen

��⨠�

ShellExecuteW
SHGetSpecialFolderPathW

Exports

Exports

CheckFormat

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19a8247f7b122bdbe9b717840b6c0722

Headers

File Characteristics

Imports

kernel32

������⨠�

�������⨠�

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 512B - Virtual size: 192B

.reloc Size: 1KB - Virtual size: 1KB

��⨠�

��⨠�

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 512B - Virtual size: 192B

.reloc
Size: 1KB - Virtual size: 1KB