9ebd8f85d954213b0a487ce0963cf43beac305b5cad5d1908e07732f6ad7a251

Sharing

Copy URL Twitter E-mail

General

Target

9ebd8f85d954213b0a487ce0963cf43beac305b5cad5d1908e07732f6ad7a251
Size

2.5MB
MD5

9b0fba30f1adfc8109f3514f6ba7275e
SHA1

b0a193621a7e85151dd93ea32246e003fbc34485
SHA256

9ebd8f85d954213b0a487ce0963cf43beac305b5cad5d1908e07732f6ad7a251
SHA512

f62dc0f9d7428f5d53e9c4d6e23735e02584e306593db5160d7593198d48e96ec4e75114d943b1e2cc41451d4ee7d2af1d1d6fdba3d1efffdca3d2f31120924a
SSDEEP

49152:2UZL+hjtHXAPsh+4tLTa4NP0wP4Tu5mw3IxNyMGRU6951OJnryu:2UZeamtTa1hu8wYkhb1EGu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ebd8f85d954213b0a487ce0963cf43beac305b5cad5d1908e07732f6ad7a251

Files

9ebd8f85d954213b0a487ce0963cf43beac305b5cad5d1908e07732f6ad7a251
.dll windows x86

35dfda48663f532e82d35d98844e4ca3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter

user32

IsRectEmpty

gdi32

SetTextAlign

msimg32

AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegEnumValueA

shell32

SHBrowseForFolderA

comctl32

ImageList_GetIconSize

shlwapi

PathFileExistsA

ole32

CoUninitialize

oleaut32

SysStringLen

ws2_32

socket

winmm

PlaySoundA

version

GetFileVersionInfoSizeA

oleacc

AccessibleObjectFromWindow

gdiplus

GdipAlloc

imm32

ImmReleaseContext

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Exports

Exports

FireInject

Sections

.text
Size: 1006KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35dfda48663f532e82d35d98844e4ca3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

ws2_32

winmm

version

oleacc

gdiplus

imm32

msvcrt

iphlpapi

psapi

Exports

Exports

Sections

.text Size: 1006KB - Virtual size: 2.7MB

.sedata Size: 1.5MB - Virtual size: 1.5MB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 22KB - Virtual size: 24KB

.reloc Size: 1024B - Virtual size: 4KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1006KB - Virtual size: 2.7MB

.sedata
Size: 1.5MB - Virtual size: 1.5MB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 22KB - Virtual size: 24KB

.reloc
Size: 1024B - Virtual size: 4KB

.sedata
Size: 4KB - Virtual size: 4KB