4ad1bee56b444955ed36414cd683dbbd5ee2bf244ba3fee9b784288ac57dc035

Sharing

Copy URL Twitter E-mail

General

Target

4ad1bee56b444955ed36414cd683dbbd5ee2bf244ba3fee9b784288ac57dc035
Size

78KB
MD5

0ff7bc143ab88973734b588c7771809f
SHA1

62384d5b685cba7b30a16e8536e4d0f746a7e9d9
SHA256

4ad1bee56b444955ed36414cd683dbbd5ee2bf244ba3fee9b784288ac57dc035
SHA512

8d929d0c6499ec6b696146412ee33222dd2dd3d7c0141f6a9699417d9d6da5d8b88387bfb0390cf1df98d18226ee52050f2de07046291681b42d6299dc3207b9
SSDEEP

1536:/Y/3uV4ZCuIYixBDNeUwJlVJr2QQaI53kFYlvb5evuwEXg:/YfuV4iBRe1hyQQaI5kFYlvdevuwEQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ad1bee56b444955ed36414cd683dbbd5ee2bf244ba3fee9b784288ac57dc035

Files

4ad1bee56b444955ed36414cd683dbbd5ee2bf244ba3fee9b784288ac57dc035
.dll windows x86

2cbdf6c4693af6a059a1b5312fa27fd1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
GetModuleFileNameW
GetPrivateProfileStringW
GetFileAttributesW
SetFileAttributesW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter

msvcp140

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
?id@?$collate@D@std@@2V0locale@2@A
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Xlength_error@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
_Strcoll
_Strxfrm
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

vcruntime140

memset
memcpy
__std_type_info_destroy_list
_CxxThrowException
_purecall
strchr
wcsrchr
__std_exception_destroy
__std_exception_copy
__std_terminate
__CxxFrameHandler3
_except_handler4_common
memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__acrt_iob_func
__stdio_common_vswprintf
__stdio_common_vsnwprintf_s
fflush
__stdio_common_vfwprintf

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initterm_e
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment

api-ms-win-crt-string-l1-1-0

wcstok_s
wcscpy_s
strncpy_s

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
realloc

api-ms-win-crt-convert-l1-1-0

strtol

Exports

Exports

CFG_ClearAllConfig
CFG_ClearConfig
CFG_CreateObject
CFG_FreeObject
CFG_GetIniPath
CFG_GetInt
CFG_GetSection
CFG_GetString
CFG_LoadConfig
CFG_LoadConfigBySection
CFG_SetInt
CFG_SetSection
CFG_SetString
CreateConfigObject

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cbdf6c4693af6a059a1b5312fa27fd1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB