f38a286debc54d3bff4e3eddbe7872b40f78fa5549d6b1276c45e1ea89e70f1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f38a286debc54d3bff4e3eddbe7872b40f78fa5549d6b1276c45e1ea89e70f1e
Size

26KB
MD5

8f32e92cb19ab5870a0eecbc599428de
SHA1

0c1edd271781e5b24657b5c778ba1e7fbfc751fe
SHA256

f38a286debc54d3bff4e3eddbe7872b40f78fa5549d6b1276c45e1ea89e70f1e
SHA512

442f610fd8de6ad5286fa4dd10be93cb2c72411005aa0337309a5e131255cb74aa106dd3b0c9f50cb56dfe5f6bda254bba414bdd1da7554d430d066193382a4e
SSDEEP

384:FNJRSvsXETdh+631Q2fz0K/98/6XDK1ziHJOaWsf8rHA:FNJRehhx1L0KW/KDK12HJKGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f38a286debc54d3bff4e3eddbe7872b40f78fa5549d6b1276c45e1ea89e70f1e

Files

f38a286debc54d3bff4e3eddbe7872b40f78fa5549d6b1276c45e1ea89e70f1e
.dll windows:6 windows x86 arch:x86

28ac639e3163530edd966c1b1848c514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetConnectA
HttpQueryInfoA
InternetReadFile
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
InternetOpenA

kernel32

HeapAlloc
ReadFile
GetFileSize
GetTickCount
GetProcAddress
LoadLibraryA
FreeLibrary
GetTempPathW
GetTempFileNameW
CreateProcessW
WaitForSingleObject
CloseHandle
DeleteFileW
CreateFileW
WriteFile
CreateEventW
CreateThread
SetEvent
GetSystemTime
GetLocalTime
HeapFree
WideCharToMultiByte
MultiByteToWideChar

user32

ReleaseDC
GetWindowDC
GetWindowRect
GetDesktopWindow

ntdll

_allmul
_aulldiv
memcpy
memset

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ