b67af53f43645c9c00c9b9b61f214a2d

General

Target

b67af53f43645c9c00c9b9b61f214a2d
Size

32KB
MD5

b67af53f43645c9c00c9b9b61f214a2d
SHA1

d4b0a636b2a6abadf2dfb45f6011a011d2a11ce7
SHA256

493573a1815a8383385f316a06471555d241f0559587a2f0d47c60e995605ac9
SHA512

722ad942a4f52d4da4f57466240efdae6aa4e9976c237be6843b5074c4fc34bc3186b5a3e26edcf365a14eee1c34cb6d17e222a1275e9bca4f98cf7eb6109f0c
SSDEEP

384:B1FA16CnhEAIhaWbGv8WA7mnUF0YM+DsPcnVktVmF:va1FNIh/+8WANF0YhDs04mF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b67af53f43645c9c00c9b9b61f214a2d

Files

b67af53f43645c9c00c9b9b61f214a2d
.dll windows:4 windows x86 arch:x86

388ab9f12b75bbadf804c62c7f2944b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetPixel

advapi32

CreateServiceA
RegCreateKeyA
StartServiceA
OpenServiceA
CloseServiceHandle
OpenSCManagerA
RegSetValueExA

ws2_32

closesocket
recv
send
WSAGetLastError
connect
htons
socket
gethostbyname
WSAStartup

kernel32

WaitForMultipleObjects
ResetEvent
GetLastError
CreateFileA
WaitForSingleObject
DeviceIoControl
CloseHandle
SetLastError
VirtualProtect
FlushInstructionCache
GetCurrentProcess
GetProcAddress
LoadLibraryA
SetThreadPriority
GetCurrentThread
Sleep
CreateThread
GetModuleFileNameA
CreateEventA
GetSystemDirectoryA
GlobalFindAtomA
IsBadReadPtr
TerminateProcess
GlobalAddAtomA
ExitThread
SetEvent
OutputDebugStringA

user32

GetClientRect
GetDC
MessageBoxA
FindWindowA
GetWindowTextA
SetWindowsHookExA
CallNextHookEx

msvcrt

strcat
_stricmp
_adjust_fdiv
malloc
_initterm
free
strstr
strchr
memcpy
sprintf
strlen
fwrite
fopen
fread
atoi
fclose
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
_EH_prolog
memset
_itoa
strcpy
strcmp
strrchr

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

388ab9f12b75bbadf804c62c7f2944b0

Headers

File Characteristics

Imports

gdi32

advapi32

ws2_32

kernel32

user32

msvcrt

Sections

.text Size: 12KB - Virtual size: 9KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 12KB - Virtual size: 9KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 2KB