ac67591f4ee2c91e124106a63ce9f920d292786864252fb4863ba38233208d9f

Resubmissions

12-06-2023 15:07

230612-shdxjsdc5t 3

16-09-2022 12:19

220916-phcspsbeam 1

Sharing

Copy URL

Twitter E-mail

General

Target

ac67591f4ee2c91e124106a63ce9f920d292786864252fb4863ba38233208d9f
Size

144KB
MD5

1b84a502034f7422e40944b1a3d71f29
SHA1

1564e2935bfd52475bf84a403bbf65da8c14a3e6
SHA256

ac67591f4ee2c91e124106a63ce9f920d292786864252fb4863ba38233208d9f
SHA512

785661e83a47ad5352987db068d793a9bc711c67f3c3b18b094be56e1412aba9a94b302374981e8e7c0b5db9f971da039a93d954ea322b855754aadc685783a6
SSDEEP

3072:XpzmH9yQ6RkflRT6OqgGPx65r1i5oGYyc1wy98PJOG/N:XdmHgkfSOq855FGY91w28P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac67591f4ee2c91e124106a63ce9f920d292786864252fb4863ba38233208d9f

Files

ac67591f4ee2c91e124106a63ce9f920d292786864252fb4863ba38233208d9f
.dll windows x86

2000fd551f25c7eef0e8c02e9f70da25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetStdHandle
DefineDosDeviceW
SetStdHandle
SuspendThread
CompareStringW
LoadLibraryExA
GetLogicalDriveStringsW
CompareStringA
OutputDebugStringA
GetNamedPipeInfo
FindNextVolumeMountPointA
VirtualLock
lstrlenW
UnregisterConsoleIME
BaseDumpAppcompatCache

user32

EndTask
ShowWindowAsync
SetParent
GetWindowModuleFileNameA

oleaut32

VarI2FromI4
VarI2FromDec
VariantChangeTypeEx
VarR4FromI4
VarUI4FromStr
VARIANT_UserUnmarshal
VarI4FromI8
VarCyRound
BSTR_UserFree
VarR4FromI1
VARIANT_UserSize
OleCreatePropertyFrame
VarBstrFromDisp
VarDecFromCy
VarFormatDateTime
VarI1FromDate
VarCyMulI8
DispGetParam
VarDateFromUI4
VarCyInt
VarBstrFromDate
BSTR_UserMarshal
LHashValOfNameSys
VarI4FromUI1
VarUI1FromR8
SafeArraySetIID

iashlpr

MemFreeIas
MemAllocIas
ShutdownIas
MemReallocIas
AllocateAttributes
InitializeIas
ConfigureIas

mswsock

GetNameByTypeW
GetAddressByNameA
NPLoadNameSpaces
inet_network
rexec
WSARecvEx
SetServiceA
GetServiceA
GetNameByTypeA
AcceptEx
EnumProtocolsA
GetAddressByNameW
GetTypeByNameW
dn_expand

Exports

Exports

SpaceMay
TheSectionLeastA

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 882B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

2000fd551f25c7eef0e8c02e9f70da25

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

oleaut32

iashlpr

mswsock

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 4KB - Virtual size: 104KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 882B

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 4KB - Virtual size: 104KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 882B