Static task: static1
Behavioral task: behavioral1
Sample: 66cc2450c78ad2440415220037b2562b144eb3dc4da3ae066d6a1ea6d859ff08.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 66cc2450c78ad2440415220037b2562b144eb3dc4da3ae066d6a1ea6d859ff08.dll
Resource: win10v2004-20240226-en
General
Target: 66cc2450c78ad2440415220037b2562b144eb3dc4da3ae066d6a1ea6d859ff08
Size: 76KB
MD5: f6d3435e43871ba002706b346e854ada
SHA1: 0db3626a8800d421c8b16298916a7655a73460de
SHA256: 66cc2450c78ad2440415220037b2562b144eb3dc4da3ae066d6a1ea6d859ff08
SHA512: 25e5a30fdd17dbca04e8f186bf76c3a412d2fb5af05b3bd4df699e0c80490f1e065d92361b0f861c3b34b20f26dfc600c9330801c5464d31cd6ca46a8e34a2d2
SSDEEP: 768:VH/x7vUiZMBFYAjbvYlGLJTvToTPKz02zRHWSffsDzixF5C5o6ywojZ4U:VfxAuMEwCTPKz02hWwMzU/CrojZV
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 66cc2450c78ad2440415220037b2562b144eb3dc4da3ae066d6a1ea6d859ff08
Files
66cc2450c78ad2440415220037b2562b144eb3dc4da3ae066d6a1ea6d859ff08.dll windows:4 windows x86 arch:x86
03aeb040400fdf1b733e9a223caa8066
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
ws2_32
WSAStartup
WSAGetLastError
gethostname
gethostbyname
inet_ntoa
wininet
InternetSetOptionA
InternetWriteFile
HttpEndRequestA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
advapi32
GetUserNameA
shlwapi
StrStrA
StrRChrA
kernel32
LCMapStringW
LCMapStringA
TlsAlloc
SetStdHandle
GetOEMCP
GetVersionExA
CloseHandle
DeviceIoControl
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
GetVersion
GetComputerNameA
GetLastError
Sleep
GetDiskFreeSpaceExA
GetDriveTypeA
GetLogicalDriveStringsA
ReadFile
DeleteFileA
GetFileSize
WaitForSingleObject
CreateProcessA
lstrcatA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
SetFilePointer
WriteFile
lstrlenA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateThread
DisableThreadLibraryCalls
HeapFree
HeapAlloc
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetCurrentThreadId
TlsSetValue
TlsFree
SetLastError
TlsGetValue
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
InterlockedDecrement
InterlockedIncrement
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
Sections
.text Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ