be367a74720501ec7254f5f64b73f42e

General

Target

be367a74720501ec7254f5f64b73f42e
Size

21KB
MD5

be367a74720501ec7254f5f64b73f42e
SHA1

9c9f29a8cb3e87015c6a8a12438b4b7b00b2c0a0
SHA256

5ad98eca6c138a9e244b4e79d40e10b4af86c1e44a4db5eead6488feff720061
SHA512

75519faa7e760d45859f4b70099212c69fd6dc06b82762f917e7d1c1c45b955ab3f66754e2c67225a75fe4b49d0a3d9a422096bb9bf02dccb01bd6cb43fd42da
SSDEEP

384:/DaytOj2bRYq/SSOUk2ycNP3bK3x6zYtYvqU6q8dpGU:LxtO4RYFSOU/ycd25Ycf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be367a74720501ec7254f5f64b73f42e

Files

be367a74720501ec7254f5f64b73f42e
.dll windows:4 windows x86 arch:x86

31dd85fa16991517c9044f5807bad0eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowWindow
PostMessageA
MessageBoxIndirectW
IsMenu
GetDlgItem
EnableWindow
DefDlgProcA
DdeCreateDataHandle
DdeCmpStringHandles
CallWindowProcW
wsprintfA

kernel32

lstrlenA
AddAtomA
Beep
CloseHandle
CreateFileA
CreateThread
DeviceIoControl
ExitProcess
ExitThread
FillConsoleOutputCharacterA
FlushViewOfFile
GetFileSize
GetLastError
GetProcAddress
GetProcessHeaps
GetSystemTime
GetSystemWindowsDirectoryW
GetTickCount
HeapAlloc
HeapFree
InitAtomTable
LoadLibraryA
LoadLibraryExA
MulDiv
MultiByteToWideChar
OpenMutexA
RtlMoveMemory
SleepEx
SystemTimeToTzSpecificLocalTime
WaitForDebugEvent
WideCharToMultiByte
WriteConsoleA
WriteFile
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA

ole32

CreateStreamOnHGlobal

gdi32

SelectObject
GetGlyphIndicesA
GetDeviceCaps
GetDIBColorTable
DeleteObject
DeleteDC
CreateDIBSection
CreateDCA
CreateCompatibleDC
BitBlt

Exports

Exports

thtdwn

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

31dd85fa16991517c9044f5807bad0eb

Headers

File Characteristics

Imports

user32

kernel32

ole32

gdi32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 78KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 1KB