06510653e24647112768f2b3d274bee782790ff8a32fa25f92e1979ccf4bea77

General

Target

06510653e24647112768f2b3d274bee782790ff8a32fa25f92e1979ccf4bea77
Size

28KB
MD5

812735b14cb324910913fa90316353ac
SHA1

6a04d474d5ddb520399ce0ac50d9bbe1ac0aef7f
SHA256

06510653e24647112768f2b3d274bee782790ff8a32fa25f92e1979ccf4bea77
SHA512

407136861ed9296b473c0261c909158ff12403343686a5669d0d98dfd50bc99b7cc2f4ebf19570686733166f7458d64e06ced298434bf2306558ba1ed9629fa8
SSDEEP

192:6s1zWASXoQl7JaAB7gKwqmrD5f+IvNEolwc9A6ZCuN0J5nkoy:sAS4QB0u3gRfxvSolwc9ASCo03by

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06510653e24647112768f2b3d274bee782790ff8a32fa25f92e1979ccf4bea77

Files

06510653e24647112768f2b3d274bee782790ff8a32fa25f92e1979ccf4bea77
.dll windows:4 windows x86 arch:x86

525058b0c6a9e1f1c7059f6411a4d78a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

atinet

_InternetEnableWinINET@0
_HttpOpenRequestA@32
_HttpSendRequestA@20
_HttpQueryInfoA@20
_InternetReadFile@16
_InternetQueryDataAvailable@16
_InternetErrorDlg@20
_InternetOpenA@20
_InternetConnectA@32
_InternetCloseHandle@4

kernel32

DisableThreadLibraryCalls
GetModuleHandleA
GetProcAddress
lstrcpyA
WaitForSingleObject
CloseHandle
GetLastError
lstrcmpiA
lstrlenA
OutputDebugStringA

user32

GetForegroundWindow
PostThreadMessageA

msvcrt

_strlwr
__CxxFrameHandler
memmove
free
_initterm
malloc
_adjust_fdiv
_beginthreadex
_purecall
strstr
strcpy
strlen
??2@YAPAXI@Z
sprintf
memset
??3@YAXPAX@Z
memcpy

Exports

Exports

ATInitStreamGet
ATShutdownStreamGet
ATStreamGet
GpcExitInstance
GpcInitInstance

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

525058b0c6a9e1f1c7059f6411a4d78a

Headers

File Characteristics

Imports

atinet

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 416B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 536B

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 416B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 536B