1f553c5c17deb0b9452db0d26387f003ad4086ff6a83ab12f000a6605a0df19e

Sharing

Copy URL Twitter E-mail

General

Target

1f553c5c17deb0b9452db0d26387f003ad4086ff6a83ab12f000a6605a0df19e
Size

1.0MB
MD5

d9bcdd9b867e412b3edb25f6c591da91
SHA1

73315a0fa15e49ed7bb8335aef91aafdb990bb7b
SHA256

1f553c5c17deb0b9452db0d26387f003ad4086ff6a83ab12f000a6605a0df19e
SHA512

5af6aaff67b7d444c1cb8930da5c12bf0c08301e539a456a08f9f543c00fcbf2e52258c722bf3336b784590b045d802bb32dc019a8404028fa22cae479fb02c0
SSDEEP

24576:la4fZFiRfGL8s9ohy4DWDgl1QVD/Qu7H/St7vYv5n3Cd:dwfCf9SDTly7fCvu5n3Cd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f553c5c17deb0b9452db0d26387f003ad4086ff6a83ab12f000a6605a0df19e

Files

1f553c5c17deb0b9452db0d26387f003ad4086ff6a83ab12f000a6605a0df19e
.dll windows x86

b55873f002f29d695478d65ff0abb945

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetFileSize
ReadFile
CloseHandle
VirtualFree
GetLastError
lstrcmpiA
GetProcAddress
LoadLibraryA
GetModuleHandleA
SetStdHandle
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
DecodePointer
GetModuleHandleW
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetModuleFileNameW
RaiseException
EncodePointer
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapValidate
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
LoadLibraryW
SetHandleCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
HeapAlloc
HeapReAlloc
HeapSize
HeapQueryInformation
HeapFree
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointer
CreateFileW

Exports

Exports

StartDaemonService

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 908KB - Virtual size: 907KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b55873f002f29d695478d65ff0abb945

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 908KB - Virtual size: 907KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 908KB - Virtual size: 907KB

.reloc
Size: 11KB - Virtual size: 11KB