1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752

Sharing

Copy URL

Twitter E-mail

General

Target

1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752
Size

105KB
MD5

576b1abb539be5085a054f00b58d2ca9
SHA1

c52fcb422d99ac9764c2f5688d1476a55969a980
SHA256

1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752
SHA512

6ffb7b743581747f1d02d7f65a8dcfab03d6b29743d42f3d47870faa7494617d6f3436bff25f2727fd224dd4469b3b8357c891096fd9f0c31d2d2b6f35425f34
SSDEEP

1536:IJLM+cWIWGZpnMM0N12XvcBuqsu0+6ma+McfHfjsWjcdFjVODSTRD:kLM+epZpnT0NIXLFP+t/MFjVO+VD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752

Files

1c4a913ffcc6f2a4934692f2b0294f2a2fc488100a7f3cdebc6b1e1180340752
.dll windows x86

3cb3188c9aa358ac33ffcd9ee102304a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyA
GetModuleFileNameA
VirtualAlloc
Sleep
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
OutputDebugStringW
EncodePointer
DecodePointer
GetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsProcessorFeaturePresent
HeapSize
HeapFree
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetStdHandle
WriteFile
GetModuleFileNameW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
GetProcessHeap
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
LCMapStringW
VirtualQuery

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA

ws2_32

connect
WSAStartup
inet_addr
htons
WSACleanup
recv
socket
closesocket
send

Exports

Exports

FMain
wdCommandDispatch
wdGetApplicationObject

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3cb3188c9aa358ac33ffcd9ee102304a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 4KB