e1f2bb668455dcc1a85ad36b6b0f40a8bc27f96ca6426772fdc04571c92e72d6

Sharing

Copy URL

Twitter E-mail

General

Target

e1f2bb668455dcc1a85ad36b6b0f40a8bc27f96ca6426772fdc04571c92e72d6
Size

43KB
MD5

f1783c61f382fe2fa85ddb3e7ca1dbc2
SHA1

4b0e47e7b59bdce182a8214cba5cc25bcab4b0d6
SHA256

e1f2bb668455dcc1a85ad36b6b0f40a8bc27f96ca6426772fdc04571c92e72d6
SHA512

2cedaef06ec45da04125e468bb2e10769e3e7659103db64d29e35b7121aeae98f4abb5bf1b620cff37c20eb4eb595f49088a1f30b4c093a3a2c75e2aac4bb6dc
SSDEEP

768:+XS9GrAt3NhVkNOl2c7e7BlLgLEdYnqc0ABuOEdGPeOB1to3ruhFP7:+2oAt3JiOlFedKnqc0Awr0PRB123ruz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1f2bb668455dcc1a85ad36b6b0f40a8bc27f96ca6426772fdc04571c92e72d6

Files

e1f2bb668455dcc1a85ad36b6b0f40a8bc27f96ca6426772fdc04571c92e72d6
.dll windows x86

41ee42e2765df61b7b486dbcb23fee73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc110

ord12318
ord2430
ord5212
ord8130
ord7808
ord4519
ord12638
ord12701
ord10228
ord12028
ord8191
ord1459
ord7470
ord8273
ord2327
ord1652
ord4256
ord316
ord300
ord310
ord1520
ord4594
ord8532
ord14155
ord14149
ord8570
ord8571
ord8166
ord4746
ord969
ord1955
ord1954
ord12388
ord1439
ord553
ord8311
ord1645
ord1176
ord3750
ord3631
ord994
ord11949
ord3203
ord3309
ord3308
ord3874
ord11905
ord2626
ord5277
ord5782
ord13449
ord11501
ord6710
ord14242
ord14328
ord7735
ord14330
ord2995
ord4424
ord9495
ord5643
ord4432
ord4870
ord4837
ord4831
ord4867
ord4889
ord4846
ord4875
ord4885
ord4854
ord4858
ord4862
ord4850
ord4879
ord4842
ord1724
ord1715
ord1719
ord1711
ord1702
ord12038
ord12040
ord13619
ord4084
ord9063
ord10795
ord6809
ord12001
ord8773
ord14322
ord11719
ord3772
ord12317
ord8947
ord11510
ord11509
ord5507
ord10085
ord10081
ord10083
ord10084
ord10082
ord1463
ord2705
ord8018
ord10052
ord3240
ord3243
ord13502
ord6066
ord5975
ord6375
ord3104
ord3341
ord3340
ord457
ord4415
ord10266
ord11180
ord10808
ord8848
ord11953
ord9017
ord2704
ord13498
ord6064
ord11912
ord7311
ord6341
ord3087
ord5729
ord4154
ord8556
ord2933
ord3806
ord8936
ord6433
ord5698
ord4157
ord8940
ord5831
ord8270
ord3767
ord13395
ord13405
ord5664
ord5524
ord7873
ord7878
ord7327
ord4023
ord12720
ord7753
ord1978
ord11766
ord11765
ord14201
ord12307
ord7811
ord14401
ord6192
ord14403
ord6194
ord14402
ord6193
ord987
ord6694
ord3786
ord5765
ord12020
ord8025
ord12032
ord12000
ord5107
ord5404
ord5614
ord9155
ord5380
ord5617
ord5110
ord5266
ord5091
ord7537
ord7538
ord7528
ord14329
ord7734
ord14327
ord11870
ord9203
ord5264
ord8027
ord10047
ord9016
ord1171
ord1061
ord1102
ord4025
ord4809
ord1043
ord323
ord3783
ord1501
ord324
ord1044
ord2305
ord2189
ord2352
ord2355
ord2318
ord2354
ord484
ord2211
ord2316
ord2128
ord2242
ord2343
ord485
ord2384
ord1517
ord1038
ord7991
ord266
ord1498
ord3204
ord1500

msvcr110

_crt_debugger_hook
__CxxFrameHandler3
memcpy_s
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__CppXcptFilter
malloc
memset
__clean_type_info_names_internal
__crtTerminateProcess
__crtUnhandledException
_CxxThrowException
_except_handler4_common
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit

kernel32

lstrlenW
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetLastError
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
LocalAlloc
LocalFree
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime

user32

GetFocus
GetDlgItem
SendMessageA
EnableWindow

ole32

CoCreateInstance

oleaut32

VariantChangeType
VariantCopy
VariantClear
VariantInit
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocString
GetErrorInfo
SetErrorInfo
CreateErrorInfo

Exports

Exports

DoQuery

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41ee42e2765df61b7b486dbcb23fee73

Headers

DLL Characteristics

File Characteristics

Imports

mfc110

msvcr110

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB