b8222e6dc96302cd630b1b3a0c9f970e

Sharing

Copy URL Twitter E-mail

General

Target

b8222e6dc96302cd630b1b3a0c9f970e
Size

52KB
MD5

b8222e6dc96302cd630b1b3a0c9f970e
SHA1

b1be3687f6e27fa2a518447018f8a48963d042c1
SHA256

1eea08822d1d63f06651d4b2b2601c2ce7fad7c7b71b12a2c03568f2cbb92e70
SHA512

394a64eb4b3d9bc3077e92d99d7834a1480985658936b42ca270b2f310e1e536a78b5028960a2a949a28427fb08103adaa4f04c3f7ca5cd896d991dea95b986a
SSDEEP

768:5gcs8aBeQNljlU2TL/ee3LnjhbBW7IZB8tVtuD1T:KGaQ29Lnlb4SetuD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8222e6dc96302cd630b1b3a0c9f970e

Files

b8222e6dc96302cd630b1b3a0c9f970e
.dll windows:4 windows x86 arch:x86

a5d76251fa76708a016ccae236c0a02c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
lstrcatA
lstrlenA
GlobalAlloc
lstrcpyA
GlobalFree
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
MultiByteToWideChar
GetLocaleInfoA

user32

GetSystemMetrics
GetDC
ReleaseDC
GetGUIThreadInfo
ClientToScreen
CallNextHookEx
wsprintfA
PostThreadMessageA

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
BitBlt
DeleteObject
GetDIBits

Exports

Exports

GetMsgProc
LowLevelKeyboardProc
LowLevelMouseProc
SetCaptureParameters
SetEventThreadId

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svchos
Size: 4KB - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5d76251fa76708a016ccae236c0a02c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 6KB

.svchos Size: 4KB - Virtual size: 540B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 6KB

.svchos
Size: 4KB - Virtual size: 540B

.reloc
Size: 4KB - Virtual size: 3KB