e771268d74d8c4344eb04e6d45c2b5616490a82eb4e39d7f719f989d8660b33d

Sharing

Copy URL Twitter E-mail

General

Target

e771268d74d8c4344eb04e6d45c2b5616490a82eb4e39d7f719f989d8660b33d
Size

1.4MB
MD5

b1ecf468a9c2ec166c3a96733b4b5ebf
SHA1

f4eb28dc1a601d4e2c312016e2853b03cbdb1af0
SHA256

e771268d74d8c4344eb04e6d45c2b5616490a82eb4e39d7f719f989d8660b33d
SHA512

d79592c82e6bb84d1f62912c81f99e3f379c2da9eafe69f40ee6d52bd889f7858e4c2d102530158061e77c483f3f0746e4930e2879103db8efcadff93bc7d6d3
SSDEEP

24576:3lcSjZ4h7POKX1UshOrD5CWQ70BN8uum94+BHL3Po:1cSqh7mdsI3ozug+ZDPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e771268d74d8c4344eb04e6d45c2b5616490a82eb4e39d7f719f989d8660b33d

Files

e771268d74d8c4344eb04e6d45c2b5616490a82eb4e39d7f719f989d8660b33d
.dll windows x86

ae515c5b94de8d2ae5ca526117f0b4a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventW
FreeLibrary
WideCharToMultiByte
WriteFile
OutputDebugStringW
GetCurrentProcess
GetStartupInfoW
EnterCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleW
FindResourceExW
GetCurrentThreadId
GetCurrentProcessId
WriteConsoleW
SetEvent
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
SetStdHandle
DeleteCriticalSection
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
GetStdHandle
GetACP
GetModuleFileNameA
ExitProcess
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetFileType
GetModuleHandleExW
RtlUnwind
InterlockedFlushSList
GetThreadTimes
GetCurrentThread
FlushFileBuffers
LeaveCriticalSection
HeapDestroy
GetLastError
SetUnhandledExceptionFilter
RaiseException
CloseHandle
DecodePointer
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
CreateFileW
GetStringTypeW
EncodePointer
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
QueryPerformanceCounter
LCMapStringW
GetCPInfo
FindClose
FindNextFileA
IsProcessorFeaturePresent
UnhandledExceptionFilter
TerminateProcess
InitializeSListHead

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae515c5b94de8d2ae5ca526117f0b4a2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 78KB - Virtual size: 78KB

.rdata Size: 64KB - Virtual size: 63KB

.data Size: 7KB - Virtual size: 13KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 78KB - Virtual size: 78KB

.rdata
Size: 64KB - Virtual size: 63KB

.data
Size: 7KB - Virtual size: 13KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 7KB - Virtual size: 6KB