a4c8f928cf41914f84053866c3646fd131e7fa4af8c007dd088c949131433aa8

Sharing

Copy URL Twitter E-mail

General

Target

a4c8f928cf41914f84053866c3646fd131e7fa4af8c007dd088c949131433aa8
Size

19KB
MD5

4fbd44e138414733d4765faf9be52a42
SHA1

d1285b3b59a5efed68ce2901bbb7638494ee6ecd
SHA256

a4c8f928cf41914f84053866c3646fd131e7fa4af8c007dd088c949131433aa8
SHA512

8f0c3a6f9c5a5e80636c20919758d64bfcd2580c0172d7436387d4763f6e93c59c54dbf9f6d35b2946e25c31b0dc1e30cf7a832fe0182668780ccb03c58125a1
SSDEEP

384:F1t+jozo6Wo2HJHFDwCgx8MSwGuZG4sgO4VjfjQzSG:F1mUo6WFHbDwCgx8XwGuQ4sgjRfjY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4c8f928cf41914f84053866c3646fd131e7fa4af8c007dd088c949131433aa8

Files

a4c8f928cf41914f84053866c3646fd131e7fa4af8c007dd088c949131433aa8
.dll windows:4 windows x86 arch:x86

0754776f366063727f8c8c457e2bec52

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
GetTempPathA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetLastError
CreateThread
GetLocalTime
WriteFile
Sleep
GetTickCount

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

ws2_32

ntohl
ntohs

msvcrt

__CxxFrameHandler
fread
ftell
fseek
fopen
sscanf
??3@YAXPAX@Z
fclose
atol
strcpy
??2@YAPAXI@Z
memcpy
strchr
strncpy
free
_initterm
malloc
_adjust_fdiv
strlen
strstr
rename
memset
_access
_mkdir
time
srand
rand
sprintf
memcmp
_stricmp

msvcp60

??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??0_Lockit@std@@QAE@XZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

Exports

Exports

GetDLLVer
partInit

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0754776f366063727f8c8c457e2bec52

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

msvcrt

msvcp60

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 720B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 720B

.reloc
Size: 1KB - Virtual size: 1KB