cccbd1a2a505a31562e9d8109de9e827 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cccbd1a2a505a31562e9d8109de9e827
Size

7KB
MD5

cccbd1a2a505a31562e9d8109de9e827
SHA1

f4ef7de6245b6deb5c26417be30dbddca16d1ef7
SHA256

5142eb915bea5fab6f7eeb1e9823113b834ea0fe227b3d5938f5d0a4bf7ce834
SHA512

b0f1dad8ba2b64e78889fe92c8b070011d6f06ddbcf5607cde2100ae85cf9c696b30dba35b4055159d2b228f4c97307422aff2678c9e8e21166539d68dde4f43
SSDEEP

96:pBmTIjJOS83kk2lvd2Dr35JWWmqkqrta:nwIwS830u35QWmqNta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cccbd1a2a505a31562e9d8109de9e827

Files

cccbd1a2a505a31562e9d8109de9e827
.dll windows:4 windows x86 arch:x86

3ff0a7b366502af0643835d5b37610db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
WriteProcessMemory
ReadProcessMemory
ExitProcess
GetCurrentProcessId
GlobalUnlock
GlobalLock
GlobalAlloc
CreateThread
Sleep
GetCurrentProcess
GlobalFree

user32

GetWindowThreadProcessId
GetWindowTextA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
FindWindowA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

msvcrt

sprintf
_adjust_fdiv
malloc
_initterm
free
memcpy
strchr
strncpy
strrchr
??3@YAXPAX@Z
memset
??2@YAPAXI@Z
_stricmp
strcmp
strcpy
strlen

Exports

Exports

fa
fc

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sdat
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ