ServiceMain
Static task
static1
Behavioral task
behavioral1
Sample
c57874ead36e62e8c978c937160f6608.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c57874ead36e62e8c978c937160f6608.dll
Resource
win10v2004-20240226-en
General
Target: c57874ead36e62e8c978c937160f6608
Size: 5KB
MD5: c57874ead36e62e8c978c937160f6608
SHA1: 381a774586b81f9cc4de475aeea75ddfddd4e8cf
SHA256: 2a0da12c09504df5e314a544a22578d2ed55f9740c1adfecbf62b40b6c7c9486
SHA512: d5b4978b2a2bf8bfb01ad8eb3a794f9131af060b1c529a2e41d7e4e93c0554707833973f1e669c6847fc2f107c97c75934662beba2fc8e89c2613f4a78bd1561
SSDEEP: 48:S/ueYjGCDcVuVLnD9Y9UT3xAEMeHgFPJLvTitstiU5RylMU0l9Ae0o3sv+4L9IDv:SzyPgEsqeLJLBhqi1qcN4iDMOX1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c57874ead36e62e8c978c937160f6608
Files
c57874ead36e62e8c978c937160f6608.dll windows:4 windows x86 arch:x86
c639c50aac34ef4e275c40ef8c2311b8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetLastError
FreeLibrary
LoadLibraryExW
GetProcAddress
CreateFileW
DeleteFileW
Sleep
lstrcatW
GetWindowsDirectoryW
WriteFile
CloseHandle
LoadLibraryW
advapi32
RegisterServiceCtrlHandlerW
SetServiceStatus
shell32
SHCreateDirectoryExW
wininet
InternetReadFile
InternetCloseHandle
InternetOpenUrlW
InternetOpenW
msvcrt
_beginthreadex
_adjust_fdiv
malloc
_initterm
free
Exports
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 894B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 168B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 216B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ