ca1adaa34a61e9a5e040af6a3f2590851298f06238efd5dc5cdd1d22fe712d77

Sharing

Copy URL Twitter E-mail

General

Target

ca1adaa34a61e9a5e040af6a3f2590851298f06238efd5dc5cdd1d22fe712d77
Size

2.4MB
MD5

8e0963fefbc031b9e8490015ee7097f8
SHA1

626df2a02a621bba75fb697886b795bfeacfeb07
SHA256

ca1adaa34a61e9a5e040af6a3f2590851298f06238efd5dc5cdd1d22fe712d77
SHA512

aaf8472cfa989431320ca4c7f534a6b2622654626976bac743b1cff6786a9d603ed81c47bb8e99f455844bb90569fcd71bf72585574ebf1c444fb2a6d5f25bdb
SSDEEP

49152:ajsmnBUL+24dr9d6pmFsg3O2bUg8toSrieb6qqRD3f:aQmnY4db7IntxrP6qK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca1adaa34a61e9a5e040af6a3f2590851298f06238efd5dc5cdd1d22fe712d77

Files

ca1adaa34a61e9a5e040af6a3f2590851298f06238efd5dc5cdd1d22fe712d77
.dll windows x86

c18ae1c45be15e4f14aa6fe0bfacd774

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lz32

GetExpandedNameW

msvcrt

memset

setupapi

SetupOpenMasterInf
SetupDiLoadClassIcon

version

VerQueryValueA

winmm

midiInStart

wininet

InternetQueryDataAvailable

user32

ReleaseDC
PostQuitMessage
CloseWindowStation
FreeDDElParam
EnableScrollBar
ShowWindow
IsMenu

kernel32

GetModuleFileNameA
FindNextFileA
GetSystemTimeAdjustment
GetTapePosition
SetThreadPriorityBoost
TerminateThread
GetCommandLineW
CloseHandle
GetProcAddress
GetModuleHandleA
WaitForSingleObject
OutputDebugStringA
GetExitCodeProcess
GetProcessHeap
FileTimeToDosDateTime

shlwapi

SHIsLowMemoryMachine

gdi32

GetOutlineTextMetricsA
GetCharABCWidthsW

shell32

ShellExecuteW

advapi32

InitializeSecurityDescriptor
NotifyChangeEventLog
GetSecurityDescriptorLength

ole32

ReleaseStgMedium

oleaut32

SysStringByteLen
VarCyFromStr
GetRecordInfoFromGuids

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c18ae1c45be15e4f14aa6fe0bfacd774

Headers

DLL Characteristics

File Characteristics

Imports

lz32

msvcrt

setupapi

version

winmm

wininet

user32

kernel32

shlwapi

gdi32

shell32

advapi32

ole32

oleaut32

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 96KB - Virtual size: 98KB

.code Size: 2.2MB - Virtual size: 2.2MB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 48KB - Virtual size: 44KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 96KB - Virtual size: 98KB

.code
Size: 2.2MB - Virtual size: 2.2MB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 48KB - Virtual size: 44KB