6ad61dc9f7b8d99619aac4779c3af077b39cf24f5590f86c806c395dc1e727f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ad61dc9f7b8d99619aac4779c3af077b39cf24f5590f86c806c395dc1e727f6
Size

26KB
MD5

e57f3830e7ed2970b887edec192b2d77
SHA1

c0f3eb225db32c51cc6670b14f001e0703955430
SHA256

6ad61dc9f7b8d99619aac4779c3af077b39cf24f5590f86c806c395dc1e727f6
SHA512

79a31be0c4380832c5bcef4965abf223b89b4743e98875cf69f665b8e412a02b1090c14e51a7bf8ec312e739effbb2a458a9a6cdb2675a80c82014bc7457aaa4
SSDEEP

384:FNJRSvsXETdh+631Q2fz0K/98/6XDK1ziHJOaWsf8rH0:FNJRehhx1L0KW/KDK12HJKGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ad61dc9f7b8d99619aac4779c3af077b39cf24f5590f86c806c395dc1e727f6

Files

6ad61dc9f7b8d99619aac4779c3af077b39cf24f5590f86c806c395dc1e727f6
.dll windows:6 windows x86 arch:x86

28ac639e3163530edd966c1b1848c514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetConnectA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetOpenA

kernel32

HeapAlloc
ReadFile
GetFileSize
GetTickCount
GetProcAddress
LoadLibraryA
FreeLibrary
GetTempPathW
GetTempFileNameW
CreateProcessW
WaitForSingleObject
CloseHandle
DeleteFileW
CreateFileW
WriteFile
CreateEventW
CreateThread
SetEvent
GetSystemTime
GetLocalTime
HeapFree
WideCharToMultiByte
MultiByteToWideChar

user32

ReleaseDC
GetWindowDC
GetWindowRect
GetDesktopWindow

ntdll

_allmul
_aulldiv
memcpy
memset

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ