4df5e0ce7d7c7ac8c80bb1511f41206699cfc4c095f945c2b7e377e469f62a31

Sharing

Copy URL Twitter E-mail

General

Target

4df5e0ce7d7c7ac8c80bb1511f41206699cfc4c095f945c2b7e377e469f62a31
Size

396KB
MD5

37b3c3655973469d68ff1edf2eb537dc
SHA1

36c23f777b4dd62ae5e8e558f9cc524c4db377a8
SHA256

4df5e0ce7d7c7ac8c80bb1511f41206699cfc4c095f945c2b7e377e469f62a31
SHA512

3b9e2b151658ca8df4ac147854080b8d1c10ee14ea377ff5929252220c4edffe79ad3421aa6c7c0e13e876a5d940a7c55234de6b6b1aacbd2896ec30a006c145
SSDEEP

1536:Hsx3kwbNBjforKX+J7bICtg9nZ60QLKddPFtru1YWH:Mx31VCt2MqBtruRH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4df5e0ce7d7c7ac8c80bb1511f41206699cfc4c095f945c2b7e377e469f62a31

Files

4df5e0ce7d7c7ac8c80bb1511f41206699cfc4c095f945c2b7e377e469f62a31
.dll windows:4 windows x86 arch:x86

7006226adbc42b479e2982dfc33ab92f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CreateMutexA
OpenProcess
GetCurrentProcessId
GetWindowsDirectoryA
CloseHandle
WriteFile
CreateFileA
MultiByteToWideChar
ReadFile
LoadLibraryA
WaitForSingleObject
CreateProcessA
Sleep
WideCharToMultiByte
DeleteFileA
GetSystemDirectoryA
GetVersionExA
GetOEMCP
GetFileSize
GetProcAddress
SetEndOfFile
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetFileAttributesA
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
RaiseException
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
RtlUnwind
GetConsoleCP
GetConsoleMode
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
VirtualAlloc
HeapReAlloc
HeapSize
SetStdHandle
FlushFileBuffers
InitializeCriticalSection

user32

CharLowerA

advapi32

GetUserNameA

wininet

HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetCloseHandle
InternetReadFile
HttpAddRequestHeadersA

psapi

GetModuleBaseNameA
EnumProcessModules

ws2_32

WSAStartup
inet_addr
WSACleanup
inet_ntoa
gethostbyname
gethostname

iphlpapi

SendARP

Exports

Exports

myfuc

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.shell
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7006226adbc42b479e2982dfc33ab92f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

wininet

psapi

ws2_32

iphlpapi

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 5KB - Virtual size: 20KB

.reloc Size: 6KB - Virtual size: 5KB

.shell Size: 320KB - Virtual size: 320KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 5KB - Virtual size: 20KB

.reloc
Size: 6KB - Virtual size: 5KB

.shell
Size: 320KB - Virtual size: 320KB