3c55f798398c6d7477e17bd1c11ff829b512bdc53a4bfa191c9b2d7a1f30067d

Sharing

Copy URL Twitter E-mail

General

Target

3c55f798398c6d7477e17bd1c11ff829b512bdc53a4bfa191c9b2d7a1f30067d
Size

241KB
MD5

f79171bde5383e77133d19f7e44bb1f3
SHA1

04ad5c5c8e6e7ad2aaa2cd22fa3b834ba59236dd
SHA256

3c55f798398c6d7477e17bd1c11ff829b512bdc53a4bfa191c9b2d7a1f30067d
SHA512

8b5b9b7038cfff87eaea4cf052c2211bacc9ae7a50be4c042b162518a299ae376425d3b86fce27721d249a1ac921ea13e9c6c1510ca022b1b6750441836a57f2
SSDEEP

1536:+LroC4Ms+RFpWyfrpNYA49mUP6jxcx4OG5GXFu:+LroC4MsgFYM9N1UP6jWx4O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c55f798398c6d7477e17bd1c11ff829b512bdc53a4bfa191c9b2d7a1f30067d

Files

3c55f798398c6d7477e17bd1c11ff829b512bdc53a4bfa191c9b2d7a1f30067d
.dll windows x86

ca3e2fdd1140aea54bb5bc2adb1927c8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc120u

ord12122
ord10314
ord12799
ord12736
ord4546
ord7881
ord8206
ord5262
ord2444
ord12413
ord12412
ord14448
ord7806
ord14454
ord9279
ord4109
ord4047
ord12818
ord7825
ord1992
ord11858
ord11857
ord14326
ord12402
ord8352
ord14526
ord6251
ord14528
ord6253
ord14527
ord6252
ord992
ord6758
ord3809
ord5821
ord12114
ord8099
ord12126
ord12094
ord5157
ord5454
ord5664
ord9231
ord5430
ord5667
ord5160
ord5316
ord5137
ord7609
ord7610
ord7600
ord1467
ord7542
ord7884
ord8268
ord3806
ord1509
ord325
ord1050
ord2323
ord2204
ord324
ord1049
ord2366
ord2369
ord2334
ord2368
ord485
ord2226
ord2332
ord2142
ord2258
ord2357
ord5314
ord8101
ord10131
ord9090
ord1508

msvcr120

__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
__clean_type_info_names_internal
_except_handler4_common
?terminate@@YAXXZ
_initterm_e
_initterm
_malloc_crt
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??2@YAPAXI@Z
__CxxFrameHandler3
memset
free

kernel32

OutputDebugStringW
GetLastError
IsProcessorFeaturePresent
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
LocalFree
LocalAlloc
DeleteCriticalSection
InitializeCriticalSectionEx
DecodePointer

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca3e2fdd1140aea54bb5bc2adb1927c8

Headers

DLL Characteristics

File Characteristics

Imports

mfc120u

msvcr120

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 230KB - Virtual size: 230KB

.reloc Size: 1024B - Virtual size: 924B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 230KB - Virtual size: 230KB

.reloc
Size: 1024B - Virtual size: 924B