be91c42d95fcf770dbeafad198348b21

General

Target

be91c42d95fcf770dbeafad198348b21
Size

13KB
MD5

be91c42d95fcf770dbeafad198348b21
SHA1

a5c9c95b55d255695d7171cb8773edf73020d693
SHA256

e1ab2b8cfe75befe69f37819c72a0f295b888f10f4a505bd414fc8655dad1614
SHA512

d55639e987a60da55ce170220bd678cfac5156420f908d14a06512be3b63add1ba43778dca1769976b7b4afdb58680832e6df58b2481eae682194c2909631c83
SSDEEP

192:6FCLZ6F0Q3UA8+7ryQudArNeb8mPA1tiCr4P:6FiS13UAd7+QuugA1sv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
be91c42d95fcf770dbeafad198348b21

Files

be91c42d95fcf770dbeafad198348b21
.dll windows:4 windows x86 arch:x86

f89b3e5d2bdcc432398b0d98195b91ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteProcessMemory
VirtualAllocEx
OpenProcess
GetProcAddress
GetModuleHandleA
DeleteFileA
CreateFileA
WriteFile
OpenEventA
Sleep
GetFileSize
ReadFile
GetModuleFileNameA
VirtualProtectEx
VirtualFreeEx
GlobalFree
GlobalLock
GlobalAlloc
GetCurrentProcessId
CreateThread
GetCurrentProcess
CreateEventA
SetThreadPriority
OutputDebugStringA
CopyFileA
GlobalUnlock
GetComputerNameA
CreateRemoteThread
GetCurrentThreadId
CreateToolhelp32Snapshot
Process32First
Process32Next
CloseHandle
VirtualFree
ReadProcessMemory
VirtualAlloc

user32

UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
GetWindowTextA
GetWindowThreadProcessId
FindWindowA
wsprintfA
GetInputState
PostThreadMessageA
GetMessageA

advapi32

RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegSetValueExA

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdata
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f89b3e5d2bdcc432398b0d98195b91ca

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 11KB - Virtual size: 10KB

sdata Size: 512B - Virtual size: 260B

.reloc Size: 1024B - Virtual size: 728B

.text
Size: 11KB - Virtual size: 10KB

sdata
Size: 512B - Virtual size: 260B

.reloc
Size: 1024B - Virtual size: 728B