a2369339c8267c66f3c4654a682a1ed33cdc3b4cbe8eadd97a4b30d0f620efbf

General

Target

a2369339c8267c66f3c4654a682a1ed33cdc3b4cbe8eadd97a4b30d0f620efbf
Size

531KB
MD5

b07be30a78872798376b1d43ba286588
SHA1

cd0329acf59a759925b2b83436551010c3c3a359
SHA256

a2369339c8267c66f3c4654a682a1ed33cdc3b4cbe8eadd97a4b30d0f620efbf
SHA512

15426b5606721be0648e6b47dd25da13f648246ee20867c0a67970f64c41bba6d8c7204f3ee256b39cd35ba1f81ee08cd6c25718eef47f6e987e8809e71dab62
SSDEEP

12288:yvsz1YRhv7/Y4V9IR6k7XrTCpCPomc/lEDc/BDByYZ:yESRl7/Y47IR6k7HCp9mcNEUBDBv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2369339c8267c66f3c4654a682a1ed33cdc3b4cbe8eadd97a4b30d0f620efbf

Files

a2369339c8267c66f3c4654a682a1ed33cdc3b4cbe8eadd97a4b30d0f620efbf
.dll windows x86

1baa2da170031dc299b4ddf22d605299

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
FreeLibrary
GetCurrentProcess
CreateThread
WriteConsoleW
FlushFileBuffers
CloseHandle
CreateFileW
GetProcAddress
GetModuleHandleW
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetLastError
RaiseException
DecodePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
SetStdHandle
GetStdHandle
GetCurrentThread
GetCurrentThreadId
WideCharToMultiByte
GetStringTypeW
QueryPerformanceCounter
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
LCMapStringW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
GetCurrentProcessId
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
TerminateProcess
InitializeSListHead
GetThreadTimes
LoadLibraryExW
InterlockedFlushSList
RtlUnwind
GetModuleHandleExW
GetFileType
SetFilePointerEx
WriteFile
GetConsoleCP
GetConsoleMode
ExitProcess
GetModuleFileNameA
GetACP

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 397KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1baa2da170031dc299b4ddf22d605299

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 397KB - Virtual size: 397KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 397KB - Virtual size: 397KB

.reloc
Size: 6KB - Virtual size: 6KB