10fe725231b59b91ff050177fa1ae92d779009f6fa15c66a99e3235bc3a803ba

Sharing

Copy URL Twitter E-mail

General

Target

10fe725231b59b91ff050177fa1ae92d779009f6fa15c66a99e3235bc3a803ba
Size

214KB
MD5

5065b7ce49bb43421cfec28a2a5e7745
SHA1

38c0cd41e9dd170c22d22949eefef46fc52a3de1
SHA256

10fe725231b59b91ff050177fa1ae92d779009f6fa15c66a99e3235bc3a803ba
SHA512

fc1b33f00010ce9620cce16c8beac63fcb95341a6d70f2a2bb4dc38273a79df9023a9c92afaaf8368433b3ca8d6fc173cc6835e26cdc07f27ebd679589afbc54
SSDEEP

3072:RfdmivnRIN4SDTTHaBPJKlLu58vGAg0FubpTBfy8xZrs92GTOlgNHrb4d0cw7a5G:RfdmwnRHBPJFBAO1TB68xZ8NpcwqX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10fe725231b59b91ff050177fa1ae92d779009f6fa15c66a99e3235bc3a803ba

Files

10fe725231b59b91ff050177fa1ae92d779009f6fa15c66a99e3235bc3a803ba
.dll windows x86

6e2ad454c1e0552b8ab707dd77a75021

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
TlsSetValue
TlsFree
InitializeSListHead
QueryPerformanceCounter
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EncodePointer
DecodePointer
LCMapStringW
GetStringTypeW
GetCPInfo
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
SetFilePointerEx
TlsAlloc
IsProcessorFeaturePresent
Sleep
GetModuleFileNameA
GetCurrentProcess
CreateFileW
GetCurrentThreadId
CreateToolhelp32Snapshot
CloseHandle
GetFileType
GetFullPathNameW
GetLongPathNameW
WriteFile
GetShortPathNameW
GetFileInformationByHandle
GetLastError
OpenProcess
MultiByteToWideChar
WideCharToMultiByte
RaiseException
GetProcAddress
GetStartupInfoW
GetStdHandle
Module32FirstW
GetModuleHandleW
FreeLibrary
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
FindClose
ExitProcess
GetModuleHandleExW
GetConsoleMode
GetConsoleCP
SetStdHandle
HeapFree
GetACP
HeapAlloc
HeapReAlloc
TlsGetValue
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
WriteConsoleW
FlushFileBuffers
GetCurrentProcessId
HeapSize

user32

GetWindowThreadProcessId
FindWindowW
IsWindow
FindWindowExW

advapi32

AllocateAndInitializeSid
OpenProcessToken
DuplicateTokenEx
CheckTokenMembership
FreeSid

Exports

Exports

pcm_plugin_action
pcm_plugin_buffer_allocate
pcm_plugin_buffer_free
pcm_plugin_ininitialize

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e2ad454c1e0552b8ab707dd77a75021

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 104KB - Virtual size: 104KB

.data Size: 7KB - Virtual size: 10KB

.rsrc Size: 1024B - Virtual size: 824B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 104KB - Virtual size: 104KB

.data
Size: 7KB - Virtual size: 10KB

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 8KB - Virtual size: 8KB