ab84d8e977f62146cf33cff610f18a83e67c530ba14cbf327329c545b2700b14

Sharing

Copy URL Twitter E-mail

General

Target

ab84d8e977f62146cf33cff610f18a83e67c530ba14cbf327329c545b2700b14
Size

28KB
MD5

793ec45d90e6c03dc4e0f015899c77d9
SHA1

2d6569c96be5b631ae17b58375372b85f1eec8af
SHA256

ab84d8e977f62146cf33cff610f18a83e67c530ba14cbf327329c545b2700b14
SHA512

f9802f11142771109967b0a86b16e54073cca14ae9b9cff32dd8ce187f31185ebd4c53ddd0dc70ad3b480f38c27a25d87b033303337d8414bd18184fdba2a3c7
SSDEEP

192:+Lm+r2DOOL6vnv8yjA614gR8q7B/IjzcVkWJjxjOrDZSXCbsvaggHv:+LmcDHdBwjulJ9j4DZYFvA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab84d8e977f62146cf33cff610f18a83e67c530ba14cbf327329c545b2700b14

Files

ab84d8e977f62146cf33cff610f18a83e67c530ba14cbf327329c545b2700b14
.dll windows x86

3d8c19f8b0a1e78a33b26c8be1831c77

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

api-ms-win-crt-filesystem-l1-1-0

_mkdir

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

msvcp140

?_Xlength_error@std@@YAXPBD@Z

kernel32

CreateProcessA
Sleep
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter

vcruntime140

_CxxThrowException
_except_handler4_common
__std_exception_copy
__std_type_info_destroy_list
__std_exception_destroy
memcpy
memset

urlmon

URLDownloadToFileA

api-ms-win-crt-runtime-l1-1-0

_cexit
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv

Exports

Exports

newstart

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d8c19f8b0a1e78a33b26c8be1831c77

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

msvcp140

kernel32

vcruntime140

urlmon

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB