caf47507dc8441f9b8b4c9e3350a9021875e271c89303084646769ad3338a653

Sharing

Copy URL Twitter E-mail

General

Target

caf47507dc8441f9b8b4c9e3350a9021875e271c89303084646769ad3338a653
Size

656KB
MD5

5afc5c758b628799164b8b841a152e56
SHA1

60f28bba3a3e06cb62ab3c430d160140a3730211
SHA256

caf47507dc8441f9b8b4c9e3350a9021875e271c89303084646769ad3338a653
SHA512

8da8eef19b08444ced45e5de660f0c87e7a22408ae7eb7c482856bc86e51a7613591b913e1e00009f73b54286778072489973115d7a3bb70b9de85bfcd14b2da
SSDEEP

12288:Z1qMAfHngZi0iynuFlDPoayOMEM8zgh3DSi/30Ol0rKvJnD:ZVAfn0AFFlDP9ZMSzghDSiPJnD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
caf47507dc8441f9b8b4c9e3350a9021875e271c89303084646769ad3338a653

Files

caf47507dc8441f9b8b4c9e3350a9021875e271c89303084646769ad3338a653
.dll windows x86

c370cc84a94a6fc63ded7411d64b3a9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr100

_crt_debugger_hook
_except_handler4_common
_onexit
_lock
_cexit
__FrameUnwindFilter
??3@YAXPAX@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
?what@exception@std@@UBEPBDXZ
??_U@YAPAXI@Z
??_V@YAXPAX@Z
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_amsg_exit
_initterm_e
_CItan
printf
memcpy
memmove
_CxxThrowException
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
_initterm
_encoded_null
free
?__ExceptionPtrCopy@@YAXPAXPBX@Z
_malloc_crt
_CIcos
_CIsin
_CIsqrt
_CIatan
__CxxFrameHandler3
_CIacos
_CIasin

kernel32

UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
IsProcessorFeaturePresent
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
EncodePointer
DecodePointer
InterlockedExchange

msvcp100

?_Lockit_dtor@_Lockit@std@@SAXH@Z
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Xlength_error@std@@YAXPBD@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Incref@facet@locale@std@@QAEXXZ
?_Decref@facet@locale@std@@QAEPAV123@XZ
?_Xout_of_range@std@@YAXPBD@Z
?_Lockit_ctor@_Lockit@std@@SAXH@Z

oleaut32

SysFreeString

mscoree

_CorDllMain

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 497KB - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c370cc84a94a6fc63ded7411d64b3a9b

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100

kernel32

msvcp100

oleaut32

mscoree

Sections

.text Size: 77KB - Virtual size: 77KB

.rdata Size: 71KB - Virtual size: 71KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text Size: 497KB - Virtual size: 500KB

.data Size: 4KB - Virtual size: 4KB

.text
Size: 77KB - Virtual size: 77KB

.rdata
Size: 71KB - Virtual size: 71KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 497KB - Virtual size: 500KB

.data
Size: 4KB - Virtual size: 4KB