c7b9b8c5cbfd50b43caeb76f06cf9b5a

Sharing

Copy URL Twitter E-mail

General

Target

c7b9b8c5cbfd50b43caeb76f06cf9b5a
Size

44KB
MD5

c7b9b8c5cbfd50b43caeb76f06cf9b5a
SHA1

cb64c10a47a87556e837761e8993e9f783c5be79
SHA256

64c702cf35c036b0cb1bf1e95428509948d08dad459a7551b65efaf96cf1e6ff
SHA512

4f15ababbba217ef128baa2d2462712257f92aac7f96dffbb40d9a5c1be25ac12cad9628fed72ab8bf3d9c00ffcd7cb318f3314abee428a090e630e3592641ba
SSDEEP

768:jpEYMj7HzDv7rEza1gz6JBUKgjscMPVkX:jOLHXE0JGKZcMPQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7b9b8c5cbfd50b43caeb76f06cf9b5a

Files

c7b9b8c5cbfd50b43caeb76f06cf9b5a
.dll windows:4 windows x86 arch:x86

79ba671d9434286692a37fed20c3f281

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempPathA
GetProcAddress
GetModuleHandleA
MulDiv
GetTickCount
CloseHandle
WriteFile
ReadFile
CreateFileA
WaitForMultipleObjects
DeleteFileA
CreateEventA
SetFilePointer
lstrcatA
GetTempFileNameA
InterlockedExchange
RtlUnwind
HeapReAlloc
HeapFree
GetProcessHeap
HeapAlloc
SetFileAttributesA
SetEndOfFile
FindClose
lstrlenA
CreateProcessA
ExitThread
CreateThread
GetLastError
SetEvent
GlobalFree
WaitForSingleObject
GlobalAlloc
lstrcpynA
lstrcpyA
GetModuleFileNameA
VirtualQuery

user32

CallWindowProcA
DestroyWindow
EnableWindow
GetWindowLongA
CreateWindowExA
GetWindowRect
GetClientRect
RegisterWindowMessageA
SetWindowLongA
SetDlgItemTextA
MessageBoxA
wsprintfA
SetWindowTextA
SendMessageA
GetDlgItem
GetFocus
CloseWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
CharLowerBuffA
IsWindowVisible
ShowWindow

advapi32

RegCreateKeyA
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegEnumValueA

wininet

InternetSetFilePointer
HttpSendRequestA
InternetCloseHandle
InternetReadFile
InternetCrackUrlA
FindCloseUrlCache
FindFirstUrlCacheEntryA
InternetOpenA
InternetConnectA
HttpOpenRequestA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

a
b
c

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79ba671d9434286692a37fed20c3f281

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

version

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB