cb4c6df4426f4969765330a7d685e60b7e5011dbaefacf5d87c3bf1666d44d86

Sharing

Copy URL Twitter E-mail

General

Target

cb4c6df4426f4969765330a7d685e60b7e5011dbaefacf5d87c3bf1666d44d86
Size

1.7MB
MD5

8913725c6a7b656b618aa009b9279478
SHA1

638cdf343a5baf24f213f5eeddb6a88bac4e9de6
SHA256

cb4c6df4426f4969765330a7d685e60b7e5011dbaefacf5d87c3bf1666d44d86
SHA512

25f07da98c9f1cd68a5a06fa6a7868ce46c8ae269a6d36e75d3a17f901c6d5986443c955cfecae1bf9151c2dc39a7284eafc24dfad43c04ccca6db1543180eb7
SSDEEP

24576:Z9MyU1P5RPjA4s2Cuzm7DHeoBypHxCTWR2wcgCWOCRPnlpp+RWBfjAEQgEOPA0aN:k1BRPjAbH7DHeoByyTsSy/VdTE4xa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb4c6df4426f4969765330a7d685e60b7e5011dbaefacf5d87c3bf1666d44d86

Files

cb4c6df4426f4969765330a7d685e60b7e5011dbaefacf5d87c3bf1666d44d86
.dll windows x64

f9b251f5609a1337a5241400fd0f1521

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetLastError
CloseHandle
WriteFile
LockResource
SizeofResource
LoadResource
FindResourceA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
WideCharToMultiByte
CreateFileA
MultiByteToWideChar
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
HeapAlloc
GetProcAddress
GetModuleHandleA
HeapReAlloc
HeapFree
GetCurrentThreadId
FlsSetValue
GetCommandLineA
GetProcessHeap
RaiseException
RtlPcToFileHeader
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSetInformation
HeapCreate
HeapDestroy
HeapSize
RtlVirtualUnwind
FlsGetValue
TlsFree
FlsFree
SetLastError
TlsSetValue
FlsAlloc
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetStdHandle
FlushFileBuffers

crypt32

CertCloseStore
CertOpenStore
CertEnumCertificatesInStore

Exports

Exports

ApkTweak_GetApkcertEncoded
ApkTweak_GetApktoolRes

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9b251f5609a1337a5241400fd0f1521

Headers

File Characteristics

Imports

kernel32

crypt32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 48KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 14KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 49KB - Virtual size: 48KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 14KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 5KB - Virtual size: 5KB