4cdf893e2154e0362e0eea76c7551d69147996c235827ebebe5a2a797cf5637e

Sharing

Copy URL

Twitter E-mail

General

Target

4cdf893e2154e0362e0eea76c7551d69147996c235827ebebe5a2a797cf5637e
Size

1.6MB
MD5

0e693e0248a309273ece7a5dc9413f70
SHA1

982457e22beb9d3d67777d0cfc94bc837fe42c0a
SHA256

4cdf893e2154e0362e0eea76c7551d69147996c235827ebebe5a2a797cf5637e
SHA512

dc0d53482a646bed2f0a5961e3c962996fbef3cc717a8eb6ae031616434046da0b5c7c76266505392145146cf578ad4c987e065db0edfc9b4964f0b3b11f9b9d
SSDEEP

49152:OGSRr5/IEkKYTLz7evT8yOLOhjs46avERp2:OV5IEkKD8Uj96aGp2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4cdf893e2154e0362e0eea76c7551d69147996c235827ebebe5a2a797cf5637e

Files

4cdf893e2154e0362e0eea76c7551d69147996c235827ebebe5a2a797cf5637e
.dll windows x64

1b70207c645a6bebdb0be3da50919f37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

ExitProcess

user32

MsgWaitForMultipleObjects

gdi32

SelectObject

advapi32

RegQueryValueExW

shell32

SHGetSpecialFolderPathW

ole32

CoInitializeEx

comctl32

ImageList_Destroy

ws2_32

WSACleanup

gdiplus

GdipGetImageHeight

iphlpapi

GetInterfaceInfo

msvcrt

_wcsnicmp

psapi

GetMappedFileNameW

Exports

Exports

DLLmain

Sections

.text
Size: 172KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b70207c645a6bebdb0be3da50919f37

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

ws2_32

gdiplus

iphlpapi

msvcrt

psapi

Exports

Exports

Sections

.text Size: 172KB - Virtual size: 416KB

.sedata Size: 1.4MB - Virtual size: 1.4MB

.idata Size: 1024B - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 172KB - Virtual size: 416KB

.sedata
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB