5f386facb70b6de7015aac0cfc91c818c0a13eebca0340d02f339dce72695b0e

Sharing

Copy URL Twitter E-mail

General

Target

5f386facb70b6de7015aac0cfc91c818c0a13eebca0340d02f339dce72695b0e
Size

1.7MB
MD5

e7511b8e5d46f4aedfb735174d6774c4
SHA1

25ff1786d83d0a0491e85e3e61877b044d70614f
SHA256

5f386facb70b6de7015aac0cfc91c818c0a13eebca0340d02f339dce72695b0e
SHA512

b4cbba61532434dcf2a399833e2e0c5b49e7657a228276d5a20be72e6b7a1d2cb7e063d5a148821bf3a7a7e1012e1a94b29c65aed07eba6c968096aa5790ca51
SSDEEP

24576:KzaDOo1U9NLLANnv3mDGJBxVWADGvkf633n3vdgTjddzzwasinl1n5Mjlotz7gg:Ks2NfAZmCBxVWASe633fiTXnt6otAg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f386facb70b6de7015aac0cfc91c818c0a13eebca0340d02f339dce72695b0e

Files

5f386facb70b6de7015aac0cfc91c818c0a13eebca0340d02f339dce72695b0e
.dll windows x64

d59ec185e38bea32dad0d7603b46b595

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateToolhelp32Snapshot

user32

ReleaseDC

gdi32

SelectObject

advapi32

RegQueryValueExW

shell32

SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal

comctl32

ImageList_Destroy

ntdll

NtQueryInformationThread

psapi

GetMappedFileNameW

shlwapi

PathFileExistsW

ws2_32

WSACleanup

gdiplus

GdipCreateBitmapFromStream

iphlpapi

GetInterfaceInfo

msvcrt

_wcsnicmp

Exports

Exports

W

Sections

.text
Size: 238KB - Virtual size: 604KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d59ec185e38bea32dad0d7603b46b595

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

ntdll

psapi

shlwapi

ws2_32

gdiplus

iphlpapi

msvcrt

Exports

Exports

Sections

.text Size: 238KB - Virtual size: 604KB

.sedata Size: 1.4MB - Virtual size: 1.4MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 238KB - Virtual size: 604KB

.sedata
Size: 1.4MB - Virtual size: 1.4MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB