c4d0b8d9c79b509a2469b39e00af255a

Sharing

Copy URL Twitter E-mail

General

Target

c4d0b8d9c79b509a2469b39e00af255a
Size

193KB
MD5

c4d0b8d9c79b509a2469b39e00af255a
SHA1

33803a1cbd828177ef9bd7e8826b896067578394
SHA256

45fe98b9d4a0520718647abffbe8105da5e611da0350d7880c2bb36bbfc4bacb
SHA512

ca419ffffc7a0c12746d670ca70decef128919210dad20097244a5d02372d137f35bcb27b222a58da14544c5b014818e76129d83f0d417cf6e937321211b7802
SSDEEP

768:hkEY/l00UxkuRnJO2wXlMtRvAL0X+A5AyK:OEC00UDRng2wXYRvAL6X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4d0b8d9c79b509a2469b39e00af255a

Files

c4d0b8d9c79b509a2469b39e00af255a
.dll windows:4 windows x86 arch:x86

888d2a0774cd49ab41d1f1adcc295d27

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateNamedPipeA
CreatePipe
CreateProcessA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemDirectoryA
ConnectNamedPipe
GetTickCount
HeapAlloc
HeapFree
IsBadCodePtr
LoadLibraryA
LocalAlloc
LocalFree
LockFile
MapViewOfFile
OpenProcess
ReadFile
RtlZeroMemory
SetFilePointer
Sleep
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualProtectEx
WaitForSingleObject
WideCharToMultiByte
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CloseHandle
GetTempPathA
TerminateThread
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateNamedPipeA
CreatePipe
CreateProcessA
CreateThread
DeleteFileA
DeviceIoControl
ExitThread
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemDirectoryA
ConnectNamedPipe
GetTickCount
HeapAlloc
HeapFree
IsBadCodePtr
LoadLibraryA
LocalAlloc
LocalFree
LockFile
MapViewOfFile
OpenProcess
ReadFile
RtlZeroMemory
SetFilePointer
Sleep
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualProtectEx
WaitForSingleObject
WideCharToMultiByte
_llseek
_lread
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
CloseHandle
GetTempPathA
TerminateThread

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegNotifyChangeKeyValue
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyA

ole32

CoTaskMemFree

shell32

ShellExecuteA

user32

GetWindowTextA
GetForegroundWindow
GetDlgItemTextA
GetClassNameA
EnumChildWindows
CharLowerA
wsprintfA

wininet

HttpSendRequestA
InternetConnectA
InternetGetConnectedState
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
HttpOpenRequestA

ws2_32

Exports

Exports

hpprintx

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

888d2a0774cd49ab41d1f1adcc295d27

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

shell32

user32

wininet

ws2_32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 188KB

.rsrc Size: 1024B - Virtual size: 4KB

.avp Size: 3KB - Virtual size: 4KB

.text
Size: 188KB - Virtual size: 188KB

.rsrc
Size: 1024B - Virtual size: 4KB

.avp
Size: 3KB - Virtual size: 4KB