1a73cd4a39c0b0ae808f27f91c8478a8b058a9b384fbcb74bcee4cb04dc367e4

Sharing

Copy URL

Twitter E-mail

General

Target

1a73cd4a39c0b0ae808f27f91c8478a8b058a9b384fbcb74bcee4cb04dc367e4
Size

78KB
MD5

15db5ccf7cd1d4a9389204bfb796aa53
SHA1

8e59b89c13c9a32a49c80889ddd379fe333ed4b4
SHA256

1a73cd4a39c0b0ae808f27f91c8478a8b058a9b384fbcb74bcee4cb04dc367e4
SHA512

04d0afae7f37b275133912eac845235060a275a0bad7a140d6904711fc14e5a1e442bbfe177be5157ffb8b55f79eba0b5d3b9f7a8c3ba1fccefb2731f69dfd0c
SSDEEP

1536:pQzHhoMUCop37vlAJ2azLRZIOQU9EgZRb6CPdwE4:pQr6MUCopeJXpQUeCOX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a73cd4a39c0b0ae808f27f91c8478a8b058a9b384fbcb74bcee4cb04dc367e4

Files

1a73cd4a39c0b0ae808f27f91c8478a8b058a9b384fbcb74bcee4cb04dc367e4
.dll windows x64

ddc991756639550f5ea261acad8e3861

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CancelIo
SetEvent
ResetEvent
WaitForSingleObject
CreateEventA
Sleep
lstrcpyA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
GetProcAddress
LoadLibraryA
CreateDirectoryA
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
GetDiskFreeSpaceExA
GetDriveTypeA
GetFileAttributesA
GetFileSize
ReadFile
RemoveDirectoryA
SetFilePointer
WriteFile
GetVolumeInformationA
GetLastError
LocalAlloc
LocalReAlloc
IsDebuggerPresent
lstrlenA
GetLogicalDriveStringsA
MoveFileA
TerminateThread
CreatePipe
DisconnectNamedPipe
PeekNamedPipe
TerminateProcess
CreateProcessA
VirtualAlloc
GetStartupInfoA
GetCurrentThreadId
GetVersionExA
SetUnhandledExceptionFilter
SetErrorMode
ReleaseMutex
CreateMutexA
OpenEventA
GetTickCount
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
CloseHandle
UnhandledExceptionFilter
IsProcessorFeaturePresent
LocalFree

user32

GetThreadDesktop
wsprintfA
CharNextA
OpenInputDesktop
SetThreadDesktop
CloseDesktop
GetUserObjectInformationA

shell32

ShellExecuteA
SHGetFileInfoA

ws2_32

getsockname
WSAIoctl
WSACleanup
gethostname
gethostbyname
socket
setsockopt
ntohs
recv
select
WSAStartup
closesocket
connect
htons
send

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

__std_exception_destroy
__std_exception_copy
__C_specific_handler
memmove
_CxxThrowException
__std_type_info_destroy_list
memset
memcpy
__CxxFrameHandler3

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_cexit
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_initterm
_initialize_onexit_table
_initterm_e
_configure_narrow_argv
_beginthreadex
_initialize_narrow_environment

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddc991756639550f5ea261acad8e3861

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ws2_32

msvcp140

vcruntime140

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 3KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 192B

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 3KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 192B