409d5d3f266a925ab89c1e4374cef2a5d8bb7df48be9c6d4d90573b32acabc9f

Sharing

Copy URL Twitter E-mail

General

Target

409d5d3f266a925ab89c1e4374cef2a5d8bb7df48be9c6d4d90573b32acabc9f
Size

78KB
MD5

a9e0888213cd9708418e0e69bb646cd3
SHA1

0b5ef4633596a2d4cd01b03d0082f2f5d9f3ddc0
SHA256

409d5d3f266a925ab89c1e4374cef2a5d8bb7df48be9c6d4d90573b32acabc9f
SHA512

7db16b0330b1d7ab5a46ad1c22ddb600e258dfe42fe415a710b87d5465b100925a5c3c8e8c2aee1790b92a9e557dc4dbe8f7b7b25ee495d025dba85d4ae0ce5a
SSDEEP

1536:6+f3aUuYZdhYoKBD7rcRA2+LVV5DQQaI53XF0jbvvF5evuwhI:6+/aUuFBzcL2BDQQaI5XF0jbvvnevuwi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409d5d3f266a925ab89c1e4374cef2a5d8bb7df48be9c6d4d90573b32acabc9f

Files

409d5d3f266a925ab89c1e4374cef2a5d8bb7df48be9c6d4d90573b32acabc9f
.dll windows x86

2cbdf6c4693af6a059a1b5312fa27fd1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
GetModuleFileNameW
GetPrivateProfileStringW
GetFileAttributesW
SetFileAttributesW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter

msvcp140

?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
?id@?$collate@D@std@@2V0locale@2@A
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Xlength_error@std@@YAXPBD@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
_Strcoll
_Strxfrm
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ

vcruntime140

memset
memcpy
__std_type_info_destroy_list
_CxxThrowException
_purecall
strchr
wcsrchr
__std_exception_destroy
__std_exception_copy
__std_terminate
__CxxFrameHandler3
_except_handler4_common
memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s
__acrt_iob_func
__stdio_common_vswprintf
__stdio_common_vsnwprintf_s
fflush
__stdio_common_vfwprintf

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initterm_e
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment

api-ms-win-crt-string-l1-1-0

wcstok_s
wcscpy_s
strncpy_s

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
realloc

api-ms-win-crt-convert-l1-1-0

strtol

Exports

Exports

CFG_ClearAllConfig
CFG_ClearConfig
CFG_CreateObject
CFG_FreeObject
CFG_GetIniPath
CFG_GetInt
CFG_GetSection
CFG_GetString
CFG_LoadConfig
CFG_LoadConfigBySection
CFG_SetInt
CFG_SetSection
CFG_SetString
CreateConfigObject

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cbdf6c4693af6a059a1b5312fa27fd1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

Exports

Exports

Sections

.text Size: 55KB - Virtual size: 54KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 55KB - Virtual size: 54KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB