33dac95f95b63496d20f133ba74fdf2d4931f792887d52fc2611c7defc9516f9

Sharing

Copy URL Twitter E-mail

General

Target

33dac95f95b63496d20f133ba74fdf2d4931f792887d52fc2611c7defc9516f9
Size

204KB
MD5

efde6caf22c4e70667b2ea86dca01673
SHA1

620d10187f42250d4394b1dd993a38f7fb9fa076
SHA256

33dac95f95b63496d20f133ba74fdf2d4931f792887d52fc2611c7defc9516f9
SHA512

649824c6ba3de145360054f6ef1c7811b7376e4217f7908ad679fd0ede30af82ec95151d1b1d4df203eaf282bf5d09546025d519acbadad56df66632a6acd740
SSDEEP

6144:Q+6BHrjWOoJexcHlnp7/Wp9iBMxiUuPkBkPCzqYj/G:Q+PFnpTWGBMb6bgG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33dac95f95b63496d20f133ba74fdf2d4931f792887d52fc2611c7defc9516f9

Files

33dac95f95b63496d20f133ba74fdf2d4931f792887d52fc2611c7defc9516f9
.dll windows x64

314f48921d5c6da604215f1f3960960f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FlushFileBuffers
HeapAlloc
GetProcessHeap
HeapFree
WideCharToMultiByte
GetCurrentProcessId
TerminateProcess
MultiByteToWideChar
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoA
IsValidCodePage
GetVersionExW
lstrcmpiA
GetSystemTimeAsFileTime
ReadFile
WriteFile
GetModuleHandleW
Sleep
GetCurrentThreadId
GetSystemDirectoryW
GetLastError
GetCurrentProcess
GetTickCount
FreeLibrary
GetProcAddress
LoadLibraryW
OpenEventW
SetEvent
CreateThread
CloseHandle
WaitForSingleObject
CreateEventW
GetModuleFileNameW
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetLocaleInfoW
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStringTypeA
EnumSystemLocalesA
HeapDestroy
HeapCreate
HeapSetInformation
SetFilePointer
GetConsoleMode
GetConsoleCP
GetStartupInfoA
GetFileType
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
ExitProcess
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlUnwindEx
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetStdHandle
GetModuleFileNameA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetACP
GetOEMCP
SetHandleCount

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoInitializeEx
CoInitializeSecurity

oleaut32

VariantInit
VariantClear
SysAllocString
SysFreeString

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsW

Exports

Exports

DllCanUnloadNow
DllDoFun
DllGetClassObject
DllRegister
DllUnRegister

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

314f48921d5c6da604215f1f3960960f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 146KB - Virtual size: 145KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 8KB - Virtual size: 17KB

.pdata Size: 9KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 146KB - Virtual size: 145KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 8KB - Virtual size: 17KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB