c24ceca7915304c5f92c6c3f942cc415 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c24ceca7915304c5f92c6c3f942cc415
Size

83KB
MD5

c24ceca7915304c5f92c6c3f942cc415
SHA1

eee56094377c4bc0895b7f5357efef0038f5201c
SHA256

7d15e4982339a18a7555a6923e2fd23ddd0500a2e478caf885d3b061ff6a6dc9
SHA512

d123723441e43e62d0ae58027ad884b6e5e330e86fae4b0309363c95b861d9be1bc3b464fd8f44ddb966eb4d7a1f788dd610772538755d45ab5f2a877ed0fc82
SSDEEP

1536:Z8vtTq34tUTdizsgo86IMKlq4EjJ2d8q+VNlHl5C:ZgtTqItUT8zsggKlfAc8jfnC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c24ceca7915304c5f92c6c3f942cc415

Files

c24ceca7915304c5f92c6c3f942cc415
.dll windows:4 windows x86 arch:x86

a1a1cb0105951d7dfaa956702d88c8f8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
GetLastError
CloseHandle
WriteFile
CreateFileA
FreeLibrary
Sleep
GetProcAddress
LoadLibraryA
SetFileAttributesA
GetTickCount
GetTempPathA
CreateDirectoryA
WaitForSingleObject
CreateEventA
SetEvent
GetDriveTypeA
CreateMutexA
FormatMessageA
OpenMutexA
FindClose
FindNextFileA
FindFirstFileA
lstrcatA
lstrcpyA
CopyFileA
GetFileAttributesA
FreeConsole
RaiseException
InterlockedExchange
LocalAlloc

user32

SetWindowsHookExA
CallNextHookEx
wsprintfA

shell32

SHGetSpecialFolderPathA

msvcrt

strncpy
wcstombs
realloc
malloc
fwrite
fread
fclose
fopen
strstr
??2@YAPAXI@Z
??3@YAXPAX@Z
strrchr
sscanf
fgets
_beginthreadex

Exports

Exports

BuildTreeItem
ServiceMain
SurrendHome

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ