afe5c5d53149eb82ab9aa3682c28f1481d3c4586f908df7e2324d027aa8f5094

General

Target

afe5c5d53149eb82ab9aa3682c28f1481d3c4586f908df7e2324d027aa8f5094
Size

5KB
MD5

b084b67535b816949ea8a81ada715d3d
SHA1

95375b8c20f7996f40608f7db757605c07452bf8
SHA256

afe5c5d53149eb82ab9aa3682c28f1481d3c4586f908df7e2324d027aa8f5094
SHA512

381b1280ac95791936f650695d52eaca3392f0333416c7fbc8ddc255560b52becaaa28fe3c6d99a987fa472b37efff469429fc3055f7070815a7260ba31fa393
SSDEEP

96:0pZigodHvLlpYMYZVDFQXBcwn3dLEdrFSHfPZKKhuyI8M0p+JquFgPBsAO6YVKwX:4clvJJY/FJwZCyZKfr75Fg55O1VKwnX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/loaderdll.dll

Files

afe5c5d53149eb82ab9aa3682c28f1481d3c4586f908df7e2324d027aa8f5094
.zip
loaderdll.dll
.dll windows x86

90f1701c5b7f8626aa15b1f9723ff0c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
WriteProcessMemory
ResumeThread
GetModuleHandleExA
GetLastError
CloseHandle
GetThreadContext
VirtualAllocEx
CreateProcessA
SetThreadContext
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
memset

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_execute_onexit_table
_initialize_onexit_table
_cexit
_initterm
_initterm_e
_initialize_narrow_environment
_configure_narrow_argv
exit

api-ms-win-crt-stdio-l1-1-0

fopen
__acrt_iob_func
fclose
__stdio_common_vfprintf
fseek
fread
rewind
ftell

api-ms-win-crt-filesystem-l1-1-0

_splitpath

api-ms-win-crt-heap-l1-1-0

malloc

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
loaderdll.ini

Sharing

General

Malware Config

Signatures

Files

90f1701c5b7f8626aa15b1f9723ff0c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 912B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 372B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 912B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 372B