1aad06d734505d42ba65176ef70435cccb7a19bc56ecdc6a8d7854321fc4d55e

Sharing

Copy URL Twitter E-mail

General

Target

1aad06d734505d42ba65176ef70435cccb7a19bc56ecdc6a8d7854321fc4d55e
Size

1.6MB
MD5

cf61095cd97c15eac0cbee430157c509
SHA1

f4388d52de8104d50f28298334731bac773acce1
SHA256

1aad06d734505d42ba65176ef70435cccb7a19bc56ecdc6a8d7854321fc4d55e
SHA512

913c87a9bae40d0e6e4c9b7fd57357ded69b18934e8eb5810b4bbda5ebd429f7bf27b9255488f2c3250f59669b1bbb7e24df013534a8d5320b7059aeb45d58d6
SSDEEP

24576:ngLBUG18D6BNRgD9ehwr5+9vK5Ldt3uNfLHFgywLnQV4oejsT3QKnDBeIwge2U7/:IftRg8mtka6NTFsjPPjgHDcI5U7pLBKG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aad06d734505d42ba65176ef70435cccb7a19bc56ecdc6a8d7854321fc4d55e

Files

1aad06d734505d42ba65176ef70435cccb7a19bc56ecdc6a8d7854321fc4d55e
.dll windows x64

e1d55c105cb598533af990af25858c3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FreeLibrary

user32

GetWindowThreadProcessId

gdi32

SelectObject

advapi32

RegQueryValueExW

shell32

SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal

oleaut32

SystemTimeToVariantTime

comctl32

ImageList_Destroy

psapi

GetMappedFileNameW

shlwapi

PathFileExistsW

ws2_32

WSACleanup

ntdll

RtlVirtualUnwind

gdiplus

GdipGetImagePaletteSize

iphlpapi

GetInterfaceInfo

msvcrt

_wcsnicmp

Exports

Exports

JY

Sections

.text
Size: 225KB - Virtual size: 564KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1d55c105cb598533af990af25858c3d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

psapi

shlwapi

ws2_32

ntdll

gdiplus

iphlpapi

msvcrt

Exports

Exports

Sections

.text Size: 225KB - Virtual size: 564KB

.sedata Size: 1.4MB - Virtual size: 1.4MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 225KB - Virtual size: 564KB

.sedata
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB