bd14514631e579a726704230406db06ef2e9883b885d48a1d9ab24303bf47371

Sharing

Copy URL Twitter E-mail

General

Target

bd14514631e579a726704230406db06ef2e9883b885d48a1d9ab24303bf47371
Size

8.5MB
MD5

1b0664dbf18db192530765deb3f48654
SHA1

bf293adb4489b8e1afeabe00ba740f7f5d1608c6
SHA256

bd14514631e579a726704230406db06ef2e9883b885d48a1d9ab24303bf47371
SHA512

9ad58783c5c248bc2adf8db103a9c808f282f7404ce20b88b95894457c772ceaf504af32976a902015188c58f292a9c05b353123b23fa5f3c0a03157ec1d3a9b
SSDEEP

196608:j/7cyYAygVWhGZlZRl4T5xe2/lRJCa+gKwI437WQbG:jTcXuFXZ/4TH9/lRJCa+aBW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd14514631e579a726704230406db06ef2e9883b885d48a1d9ab24303bf47371

Files

bd14514631e579a726704230406db06ef2e9883b885d48a1d9ab24303bf47371
.dll windows x64

7d29e37829c452f55a02c3c8f22f3ff2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

SizeofResource
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MsgWaitForMultipleObjects
CharUpperBuffW

gdi32

SelectObject

advapi32

OpenServiceA

shell32

SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal

oleaut32

SystemTimeToVariantTime

comctl32

ImageList_Destroy

psapi

GetMappedFileNameW

gdiplus

GdipCreateBitmapFromScan0

ws2_32

recv

Exports

Exports

DllMain

Sections

.text
Size: - Virtual size: 872KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.)Wi
Size: - Virtual size: 5.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

."Ze
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5;A
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d29e37829c452f55a02c3c8f22f3ff2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

psapi

gdiplus

ws2_32

Exports

Exports

Sections

.text Size: - Virtual size: 872KB

.rdata Size: - Virtual size: 190KB

.data Size: - Virtual size: 55KB

.pdata Size: - Virtual size: 20KB

_RDATA Size: - Virtual size: 252B

.)Wi Size: - Virtual size: 5.9MB

."Ze Size: 3KB - Virtual size: 3KB

.5;A Size: 8.5MB - Virtual size: 8.5MB

.reloc Size: 512B - Virtual size: 208B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: - Virtual size: 872KB

.rdata
Size: - Virtual size: 190KB

.data
Size: - Virtual size: 55KB

.pdata
Size: - Virtual size: 20KB

_RDATA
Size: - Virtual size: 252B

.)Wi
Size: - Virtual size: 5.9MB

."Ze
Size: 3KB - Virtual size: 3KB

.5;A
Size: 8.5MB - Virtual size: 8.5MB

.reloc
Size: 512B - Virtual size: 208B

.rsrc
Size: 3KB - Virtual size: 2KB