b73c552170dc0a3f7dcd4bcefb832e33

General

Target

b73c552170dc0a3f7dcd4bcefb832e33
Size

176KB
MD5

b73c552170dc0a3f7dcd4bcefb832e33
SHA1

22c0408730b8f77def70d98a3a74aeeb2654e509
SHA256

6fafde64da8cebf54c3e9b149d274bf5ad3f44f59312355d2a01095ed10a50be
SHA512

d1c676c70d0b2f9a61b4e575a0b38e931c088f80c49a0466208d2075f2385a0531bf0b2e123502b1575ce10fb67e4b7b8e19c0ebd584eb7caa872b22c0462909
SSDEEP

3072:N7j2N6Slen43zPr1C7i940q37PTm/4aONNZPVFYSXRpBkBLSsmNZ:wN6Slu4jPrmiitLrs4rNNZTBGL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b73c552170dc0a3f7dcd4bcefb832e33

Files

b73c552170dc0a3f7dcd4bcefb832e33
.dll windows:4 windows x86 arch:x86

e555b28e800b51dad26e7a6a030a3db3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
LockFileEx
GlobalDeleteAtom
HeapSize
HeapQueryInformation
GetModuleHandleA
lstrlenA
GetConsoleAliasExesLengthA
VirtualAlloc
CreateFileMappingW
FindVolumeMountPointClose
EnumResourceLanguagesA
SetEnvironmentVariableA
EnumResourceNamesA
GetProcessAffinityMask
SetFilePointer
GetStringTypeExA
SetConsoleCtrlHandler
SetConsolePalette
GetDiskFreeSpaceA
GetConsoleTitleA
IsValidLanguageGroup
SetProcessWorkingSetSize
GetEnvironmentVariableA
SetSystemPowerState
HeapSize
IsBadStringPtrA
EndUpdateResourceA
OpenFileMappingA
FindVolumeClose
HeapDestroy
SetConsoleTextAttribute
GetThreadPriorityBoost
GetDefaultCommConfigA
GetCommState
TermsrvAppInstallMode
CreateSocketHandle
VirtualAlloc
GetCPInfoExA
GetModuleFileNameA
GetLocaleInfoA
GetFileAttributesExA
WriteConsoleA
GetConsoleFontInfo
GetProcessIoCounters
IsProcessorFeaturePresent
lstrcmpi
GetLogicalDriveStringsA
WriteConsoleOutputA
GetCurrentThread
WriteConsoleInputA
IsDebuggerPresent
FindFirstChangeNotificationA
SetConsoleOutputCP
QueryInformationJobObject
lstrcpy
GetSystemPowerStatus
ProcessIdToSessionId
GetEnvironmentStringsA
GetFileAttributesExA
GetVersionExA
CreateWaitableTimerA
ReadConsoleOutputA
GetConsoleMode
VirtualLock
SystemTimeToTzSpecificLocalTime
_lopen
OpenProcess

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetSystemTime
timeGetTime

Sections

.text
Size: - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 164KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e555b28e800b51dad26e7a6a030a3db3

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Sections

.text Size: - Virtual size: 348B

.itext Size: 164KB - Virtual size: 169KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: - Virtual size: 348B

.itext
Size: 164KB - Virtual size: 169KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB