c4540be982a7e5e2fb16fbb06f46cc40

Sharing

Copy URL Twitter E-mail

General

Target

c4540be982a7e5e2fb16fbb06f46cc40
Size

45KB
MD5

c4540be982a7e5e2fb16fbb06f46cc40
SHA1

a7bb91c97c313594324decba6e70ea31775c3ba1
SHA256

cb7769f5be0110d96a62ace4e5d4d7963b4168784590328135ad9516f656171d
SHA512

3884fae58dd81eeb35177c2f49e5aa8b9517dcfca6174076281ab38ee220eb43f857866761c31de715c48ea87f001b4817ef584feb93a7deb67e3a156bd18c05
SSDEEP

768:VifAYxjhujNBwXk8XEdKrLKw/H0rCWkxfWusN/Q4+HRL:Vi5huhstXE0KwqCveuHt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4540be982a7e5e2fb16fbb06f46cc40

Files

c4540be982a7e5e2fb16fbb06f46cc40
.dll windows:4 windows x86 arch:x86

ac806f29e200089c4b4922b63eb2e798

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHDeleteKeyW
SHEnumKeyExA
SHEnumKeyExW
SHDeleteEmptyKeyA
HashData

kernel32

lstrcmpW
GetFileAttributesA
Beep
CloseHandle
CompareStringA
OpenEventA
CreateNamedPipeA
DeleteAtom
DeleteFileA
DeviceIoControl
DisconnectNamedPipe
GetConsoleCP
GetConsoleMode
GetExitCodeProcess
GetExitCodeThread
GetMailslotInfo
GetModuleFileNameA
GetModuleHandleA
GetProcessHeap
GetCurrentProcessId
GetProcessVersion
GetStdHandle
GetCurrentThreadId
GetThreadLocale
GetUserDefaultLCID
GlobalAlloc
IsSystemResumeAutomatic
IsValidLocale
ReleaseMutex
ReleaseSemaphore
GetComputerNameW
GetBinaryTypeA
GetFileType
BackupSeek
BackupRead
lstrcmpA
SetCurrentDirectoryA
FlushViewOfFile
GetDriveTypeW
GetWindowsDirectoryW
GetSystemDirectoryW
GetSystemDirectoryA
GetStartupInfoA

ole32

OleRun

user32

ReleaseDC

advapi32

GetUserNameW
RegLoadKeyA

msvcrt

free
toupper
malloc

version

GetFileVersionInfoA

winmm

timeGetDevCaps
GetDriverModuleHandle
DrvGetModuleHandle
SendDriverMessage

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idata
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac806f29e200089c4b4922b63eb2e798

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

user32

advapi32

msvcrt

version

winmm

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 17KB

idata Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 768B

.reloc Size: 1024B - Virtual size: 682B

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 17KB

idata
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 768B

.reloc
Size: 1024B - Virtual size: 682B