2ccd1ca7b205eae08fd6885f9daabc3391c96d9e0643fdbc34da439c3cadee8a

Sharing

Copy URL Twitter E-mail

General

Target

2ccd1ca7b205eae08fd6885f9daabc3391c96d9e0643fdbc34da439c3cadee8a
Size

379KB
MD5

3f384a3d605400a110390aadc0a479c0
SHA1

a9b15efd576b8ccb3874ef3dd2f96bba33268e12
SHA256

2ccd1ca7b205eae08fd6885f9daabc3391c96d9e0643fdbc34da439c3cadee8a
SHA512

67953632b8745f83c7be859944886067bfdfe11b22f5d008a8ce76212d49c1ca75dc989bcf682e6e4cdbfd9c280d9f14642c9df77ab48f47af9d6000cbfc89e0
SSDEEP

6144:1/XcCcOPX9Q5jaEdhNI/oX9P0QWsv9XfgfmfpXL3ho/g:1/XcC7X9Q5jachKAXF0Q1XkoXOI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ccd1ca7b205eae08fd6885f9daabc3391c96d9e0643fdbc34da439c3cadee8a

Files

2ccd1ca7b205eae08fd6885f9daabc3391c96d9e0643fdbc34da439c3cadee8a
.dll windows x86

14363d65f0b6867d2bc323ef96d86b41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
VirtualAlloc
VirtualQuery
GetModuleFileNameA
GetFileSizeEx
WriteProcessMemory
VirtualProtect
HeapFree
SetLastError
GetHandleInformation
LoadLibraryExA
GetProcessId
InitializeCriticalSectionEx
GetEnvironmentVariableA
WaitForSingleObject
FreeLibraryAndExitThread
GetModuleHandleA
HeapSize
Sleep
GetModuleHandleExA
GetTickCount64
GetLastError
CreateFileA
DeleteFileA
HeapReAlloc
CloseHandle
K32GetModuleBaseNameA
GetNativeSystemInfo
RaiseException
FreeConsole
CreateThread
HeapAlloc
GetLocalTime
VirtualProtectEx
DecodePointer
HeapDestroy
GetProcAddress
VirtualAllocEx
DeleteCriticalSection
ExitProcess
GetCurrentProcessId
GetProcessHeap
FlushInstructionCache
CreateRemoteThread
CreateDirectoryA
VirtualFreeEx
AllocConsole
IsWow64Process
VirtualQueryEx
HeapCreate
GetCurrentProcess
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
GetThreadContext
GetModuleHandleW
SetThreadContext
OpenThread
WriteConsoleW
GetSystemInfo
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ReadFile
GetModuleHandleExW
GetModuleFileNameW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetStdHandle
GetFileType
CompareStringW
LCMapStringW
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetTimeZoneInformation
WideCharToMultiByte
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetStringTypeW
CreateFileW
SetEndOfFile

Sections

.text
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14363d65f0b6867d2bc323ef96d86b41

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 265KB - Virtual size: 265KB

.rdata Size: 84KB - Virtual size: 84KB

.data Size: 8KB - Virtual size: 57KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 265KB - Virtual size: 265KB

.rdata
Size: 84KB - Virtual size: 84KB

.data
Size: 8KB - Virtual size: 57KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 19KB - Virtual size: 19KB