caa9d3f65568ea85a21afdbf6ccfce4a

General

Target

caa9d3f65568ea85a21afdbf6ccfce4a
Size

16KB
MD5

caa9d3f65568ea85a21afdbf6ccfce4a
SHA1

30a04daf5ec8f0be62ee71504ef96ce8089a6a25
SHA256

7230ba89c332b852c504bc4e3d7348c0a36daf8ffb14f973e580fbb48a16d002
SHA512

c4d445fd3444e20ca20c7bb97b4de2a98700eafb7f7007fd23f3517c3a348fc92f3a26ac2447a8b5f0533211f6bc604fe3c42aa9be11e1c67a1c83e26dd119fb
SSDEEP

384:z/3ckfSkHkqckMz7J8JpH3gN9UNms83v+aB8ac2NAlF:z/NSEJqi7w8Nmj3VSac2Sl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
caa9d3f65568ea85a21afdbf6ccfce4a

Files

caa9d3f65568ea85a21afdbf6ccfce4a
.dll windows:4 windows x86 arch:x86

f934962f1960a9867283603654c076b3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteProcessMemory
ReadProcessMemory
ExitProcess
GlobalFree
GetComputerNameA
GlobalLock
GlobalAlloc
IsBadReadPtr
CreateThread
GetModuleFileNameA
GetCurrentProcessId
Sleep
GetCurrentProcess
GlobalUnlock

user32

GetWindowThreadProcessId
GetWindowTextA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
FindWindowA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

sprintf
_adjust_fdiv
malloc
_initterm
free
fopen
fread
fclose
strlen
strrchr
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
_stricmp
strcmp
strcpy
strncpy
strchr
memcpy

Exports

Exports

fa
fc

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdat
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 674B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

0
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f934962f1960a9867283603654c076b3

Headers

File Characteristics

Imports

kernel32

user32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 604B

sdat Size: 512B - Virtual size: 269B

.reloc Size: 1024B - Virtual size: 674B

0 Size: 5KB - Virtual size: 5KB

1 Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 604B

sdat
Size: 512B - Virtual size: 269B

.reloc
Size: 1024B - Virtual size: 674B

0
Size: 5KB - Virtual size: 5KB

1
Size: 1KB - Virtual size: 1KB