d7f9d4655c0781cc7397ad74cc022aa950f88c3587704047d951a6bfd5e89dc6

Sharing

Copy URL Twitter E-mail

General

Target

d7f9d4655c0781cc7397ad74cc022aa950f88c3587704047d951a6bfd5e89dc6
Size

1.4MB
MD5

cb1b1e2ae062f8dc286eb81ce5f1f058
SHA1

c8e237f9c11169cd3bd79bf0b27f5d7f088cfe5a
SHA256

d7f9d4655c0781cc7397ad74cc022aa950f88c3587704047d951a6bfd5e89dc6
SHA512

ff54376ac45f94cc772177a5d1f8a69275e5658273167e86eb5538ad642bfbfffb62296e63c961380c0fe533af68487541bdcbeeaff3aff704a1390bc0646bf7
SSDEEP

6144:obKtspSkzyyE5zvaiWvtnBrJ6Bl1xsBrIHLwSNipXq7KHXfcAYAf2MbYw:oKts4VWFnBlaar1SNcXqkfcAYS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7f9d4655c0781cc7397ad74cc022aa950f88c3587704047d951a6bfd5e89dc6

Files

d7f9d4655c0781cc7397ad74cc022aa950f88c3587704047d951a6bfd5e89dc6
.dll windows x86

09e3cfda48d4ac775d5fb367bffd354b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wintrust

WTHelperGetProvCertFromChain

oleaut32

SafeArrayCreate

shell32

SHGetFileInfoA
SHLoadInProc

setupapi

SetupDiDestroyDeviceInfoList

ws2_32

WSAGetLastError
select

kernel32

GetModuleFileNameA
GetModuleHandleA
GetBinaryTypeW
GetModuleFileNameW
GetSystemTimeAsFileTime
LeaveCriticalSection
GetExitCodeProcess
SetEvent
DeleteCriticalSection
CloseHandle
GetModuleHandleW

gdi32

UnrealizeObject
CreateMetaFileW
DeleteColorSpace

advapi32

RegGetKeySecurity
SetServiceObjectSecurity

shlwapi

StrCpyNW

user32

DefWindowProcA
AdjustWindowRectEx
ShowWindow
SetMessageExtraInfo

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CRT
Size: 708KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

36naf
Size: 628KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09e3cfda48d4ac775d5fb367bffd354b

Headers

File Characteristics

Imports

wintrust

oleaut32

shell32

setupapi

ws2_32

kernel32

gdi32

advapi32

shlwapi

user32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 36KB - Virtual size: 36KB

CRT Size: 708KB - Virtual size: 704KB

36naf Size: 628KB - Virtual size: 624KB

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 36KB - Virtual size: 36KB

CRT
Size: 708KB - Virtual size: 704KB

36naf
Size: 628KB - Virtual size: 624KB

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 12KB - Virtual size: 10KB