ee83cd83bc84a3a2c6ed820a60d5bdbd256e051d4be59a920e068d76bc9f3093

General

Target

ee83cd83bc84a3a2c6ed820a60d5bdbd256e051d4be59a920e068d76bc9f3093
Size

13KB
MD5

c701c3bdb90bcb602e492510afa44785
SHA1

4791ce6dcb7de6181221346c222719df1eea5bc9
SHA256

ee83cd83bc84a3a2c6ed820a60d5bdbd256e051d4be59a920e068d76bc9f3093
SHA512

c598084b18fd9684c62ca404d568d8d17b15a7254bbb304d011849b3b15ddda1e626764520aec396c710e55fac8c54d43ff3de2d6a8c3196b3937988c5ad6ac5
SSDEEP

192:fN+6PWco/ZFaYWaW1gY0e/6GOJ+M/VbJy2cu8tVSLnnoRfZiN:fN+6PWb/2jg9ZJ+M/ZJ6ZCLnnoRh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee83cd83bc84a3a2c6ed820a60d5bdbd256e051d4be59a920e068d76bc9f3093

Files

ee83cd83bc84a3a2c6ed820a60d5bdbd256e051d4be59a920e068d76bc9f3093
.dll windows x86

bcb28b05d102ccf518fa9677923254bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OutputDebugStringW
GetProcAddress
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

vcruntime140

memset
__CxxFrameHandler3
_purecall
__std_type_info_destroy_list
__std_terminate
_except_handler4_common
__std_exception_copy
__std_exception_destroy
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_cexit

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

CreateSamplePlugin
DestroySamplePlugin
DisablePlugin
EnablePlugin
addressingMixProc

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bcb28b05d102ccf518fa9677923254bb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 624B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 624B