07de872a440bb759dead2128e0efe1e8d7a77469a0c7ce3bbf6c22598823cc87

Sharing

Copy URL Twitter E-mail

General

Target

07de872a440bb759dead2128e0efe1e8d7a77469a0c7ce3bbf6c22598823cc87
Size

28KB
MD5

1bda518e988bad48b25c484b2b1a2306
SHA1

0a232a8d6b1754e28f98bd2c448705e412d21a3e
SHA256

07de872a440bb759dead2128e0efe1e8d7a77469a0c7ce3bbf6c22598823cc87
SHA512

5353e9ee63f13110b0514b69eb87325bbc61c492a21288d7244a48ac366b5babea23d3d0882b1cbb03050fae0bd469eef44c0369af08e29bacb011777fe467aa
SSDEEP

384:dUMzO3g2tv4JRGgP8yMgyuUT/GH9+y1VdfYf8oiL2Vm:dPzO3gfJpUzGdtAI2s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07de872a440bb759dead2128e0efe1e8d7a77469a0c7ce3bbf6c22598823cc87

Files

07de872a440bb759dead2128e0efe1e8d7a77469a0c7ce3bbf6c22598823cc87
.dll windows x86

2296ef519490655c6b00d6a565ce8886

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_amsg_exit
_initterm
_iob
_lock
_unlock
_write
abort
calloc
free
fwrite
realloc
strcmp
strlen
strncmp
strstr
vfprintf

libgio-2.0-0

g_dbus_proxy_call
g_dbus_proxy_call_finish
g_dbus_proxy_call_sync
g_dbus_proxy_new_for_bus_sync
g_io_extension_point_implement
g_io_extension_point_register
g_proxy_resolver_get_type
g_proxy_resolver_lookup
g_settings_get_boolean
g_settings_get_child
g_settings_get_enum
g_settings_get_int
g_settings_get_string
g_settings_get_strv
g_settings_new
g_simple_proxy_resolver_new
g_simple_proxy_resolver_set_default_proxy
g_simple_proxy_resolver_set_ignore_hosts
g_simple_proxy_resolver_set_uri_proxy
g_task_get_source_tag
g_task_is_valid
g_task_new
g_task_propagate_pointer
g_task_return_error
g_task_return_pointer
g_task_set_name
g_task_set_source_tag

libglib-2.0-0

g_build_filename
g_clear_error
g_free
g_getenv
g_log_structured_standard
g_mutex_clear
g_mutex_init
g_mutex_lock
g_mutex_unlock
g_return_if_fail_warning
g_strdup
g_strdup_printf
g_strdupv
g_strfreev
g_uri_escape_string
g_uri_is_valid
g_variant_get
g_variant_new
g_variant_unref
g_win32_get_package_installation_directory_of_module

libgobject-2.0-0

g_object_ref
g_object_unref
g_signal_connect_data
g_signal_handlers_disconnect_matched
g_type_class_adjust_private_offset
g_type_class_peek_parent
g_type_interface_peek_parent
g_type_module_add_interface
g_type_module_register_type

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain

Exports

Exports

g_io_gnomeproxy_load
g_io_gnomeproxy_query
g_io_gnomeproxy_unload

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 160B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2296ef519490655c6b00d6a565ce8886

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

libgio-2.0-0

libglib-2.0-0

libgobject-2.0-0

libintl-8

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 44B

.rdata Size: 3KB - Virtual size: 2KB

/4 Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 160B

.edata Size: 512B - Virtual size: 157B

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 8B

.reloc Size: 1024B - Virtual size: 1000B

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 44B

.rdata
Size: 3KB - Virtual size: 2KB

/4
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 160B

.edata
Size: 512B - Virtual size: 157B

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 8B

.reloc
Size: 1024B - Virtual size: 1000B