c074fe0a4605edc46712c1521bec103b

Sharing

Copy URL

Twitter E-mail

General

Target

c074fe0a4605edc46712c1521bec103b
Size

8KB
MD5

c074fe0a4605edc46712c1521bec103b
SHA1

4b5b2d783db9a1530399d572e89e147076adc78e
SHA256

ba9cdc1c011d719ef70a8744fc71f4cb335c868866bbe608bbe076155db56aab
SHA512

866a2ef0957e2af5123bce1b1f9e28e1a82deb7c5c7e7e2a5d54c1f6553487ce907e683dfb69c76e6f9e984db98ecd1d96e84502e32891041d2c6d8c6ccd8ce9
SSDEEP

96:SWSHW+Iz4NYJDm/NEoBGcqbWx+D2P4JhM14HL8yGshC+8omxK65slZZx:SF3Y5mjUbQ7P4c14rvhCgmkqslZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c074fe0a4605edc46712c1521bec103b

Files

c074fe0a4605edc46712c1521bec103b
.dll windows:6 windows x86 arch:x86

e2b65ca68a2c19f6b9756c1000ca6e19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

rewind
rename
remove
putc
getchar
fwrite
fseek
fread
fopen
fgetc
fclose
exit
strcmp

kernel32

ReadFile
GlobalFindAtomW
CreateSemaphoreW
EnumTimeFormatsW
lstrcatW
HeapAlloc
HeapCreate
DebugBreak
IsDebuggerPresent
GetTempPathW
ReplaceFile
GetFileSize
CreateFileW
SetCalendarInfoW
WriteConsoleA
ExitProcess
MulDiv
DeviceIoControl
GetFullPathNameW

urlmon

CoInternetCreateSecurityManager
GetClassFileOrMime
GetClassURL
UrlMkGetSessionOption
CoInternetCreateZoneManager
RevokeBindStatusCallback
ObtainUserAgentString

rpcrt4

RpcServerUseAllProtseqsIfEx
RpcSmSetThreadHandle
NdrConformantStructBufferSize
NdrServerUnmarshall
RpcAsyncGetCallStatus
NdrServerContextMarshall

mpr

WNetGetUserW
WNetGetUniversalNameA

wsock32

recvfrom
ord1106
getsockopt
shutdown
connect
WSAAsyncGetServByName
WSACancelAsyncRequest
htons
ord1130

ws2_32

WSAGetServiceClassNameByClassIdW
WSCDeinstallProvider
WSAAddressToStringW
WSAEnumNameSpaceProvidersA
WSAGetServiceClassNameByClassIdA
WSASendDisconnect

mscms

UnregisterCMMW
GetPS2ColorRenderingDictionary
RegisterCMMA
IsColorProfileTagPresent
SetStandardColorSpaceProfileW
GetColorProfileElementTag

winspool.drv

OpenPrinterW
FindFirstPrinterChangeNotification
EnumPrinterKeyA
ord203
EnumPrintersW

Exports

Exports

Hkcoedclxfkckdl
fsdfdgdfgdfgdfg
hjhjhfc
jhgjghjghjgh
opopiosfd
ugxsdfffg
uiuiuyibgf
yghgfhfdg

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e2b65ca68a2c19f6b9756c1000ca6e19

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

urlmon

rpcrt4

mpr

wsock32

ws2_32

mscms

winspool.drv

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 116B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 116B

.rsrc
Size: 512B - Virtual size: 480B