1e7b844a46540508846a3cf72372f4534becb28f554647ea1f0d81cb5a8bbf6e

Sharing

Copy URL Twitter E-mail

General

Target

1e7b844a46540508846a3cf72372f4534becb28f554647ea1f0d81cb5a8bbf6e
Size

59KB
MD5

e20b876681963cdb2913a191eef79fc1
SHA1

016641d06d9b55fb8f5e440fd1d129faeb979fa1
SHA256

1e7b844a46540508846a3cf72372f4534becb28f554647ea1f0d81cb5a8bbf6e
SHA512

f83b28ce71178aac54b6c48e08cf7ffea355e89549481ea96b0a8bc3c8998bf6075d23c316bb109422ed98573d1f8837d9e41c9b8dcf6387f5fe8a2a2853c375
SSDEEP

1536:509Lr+Ja0ytzsu/O0CzUVgrQ+u5rcragyxyyEW30UOth3fp:5010ytZO0C4395rcragAjE80UOth3fp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e7b844a46540508846a3cf72372f4534becb28f554647ea1f0d81cb5a8bbf6e

Files

1e7b844a46540508846a3cf72372f4534becb28f554647ea1f0d81cb5a8bbf6e
.dll windows x86

bffe16c94fc9be1e5100bcc6e71197e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount64
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr90

free
_encoded_null
_decode_pointer
_initterm
_initterm_e
?what@exception@std@@UBEPBDXZ
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
_malloc_crt
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
_invalid_parameter_noinfo
??2@YAPAXI@Z
??3@YAXPAX@Z
_strnicmp
_encode_pointer
??0exception@std@@QAE@XZ
memmove_s
?_type_info_dtor_internal_method@type_info@@QAEXXZ
??0exception@std@@QAE@ABQBD@Z
_amsg_exit
memset
__CxxFrameHandler3
_CxxThrowException

Exports

Exports

ATPEndWork
ATPGetObject
ATPGetObjectCount
ATPGetObjectInfo
ATPStartWork

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bffe16c94fc9be1e5100bcc6e71197e1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp90

msvcr90

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB