38511fe0970d3fa7c9c9bc08ce84ab343a374a9fc8c4d7afcd0019e4c4485409

Sharing

Copy URL Twitter E-mail

General

Target

38511fe0970d3fa7c9c9bc08ce84ab343a374a9fc8c4d7afcd0019e4c4485409
Size

3.1MB
MD5

12bea4c2227ffd5a49f9ce9a208baa78
SHA1

1f8f0123a137fe8bdade020cbe18cc72b02a78bd
SHA256

38511fe0970d3fa7c9c9bc08ce84ab343a374a9fc8c4d7afcd0019e4c4485409
SHA512

928c9a777c1d1c89a13d45453b2e5d4796ea44911c56fd0a52c2fd642872790ad966e198a9a66ece4ce06beef270221c4ce0028e82d28230a56520da253c8ceb
SSDEEP

49152:/fCfNfmuXUFF+nRBXpRf3rsX/tsgN2gj3VI96nQM3A1Gk/aoE4LP4KF07qiBx54S:CfZmCY+3f3rI203aeEaoEQIqiW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38511fe0970d3fa7c9c9bc08ce84ab343a374a9fc8c4d7afcd0019e4c4485409

Files

38511fe0970d3fa7c9c9bc08ce84ab343a374a9fc8c4d7afcd0019e4c4485409
.dll windows x64

f70c21016ede276594b4eb1a29efa11f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MessageBoxW
GetProcessWindowStation
GetUserObjectInformationW

Exports

Exports

SHGetFolderPathA
SHGetFolderPathW

Sections

.text
Size: - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.upx1
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f70c21016ede276594b4eb1a29efa11f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 58KB

.rdata Size: - Virtual size: 18KB

.data Size: - Virtual size: 119KB

.pdata Size: - Virtual size: 2KB

.idata Size: - Virtual size: 3KB

.data1 Size: - Virtual size: 606B

.upx0 Size: - Virtual size: 1.5MB

.upx1 Size: 3.1MB - Virtual size: 3.1MB

.reloc Size: 512B - Virtual size: 156B

.text
Size: - Virtual size: 58KB

.rdata
Size: - Virtual size: 18KB

.data
Size: - Virtual size: 119KB

.pdata
Size: - Virtual size: 2KB

.idata
Size: - Virtual size: 3KB

.data1
Size: - Virtual size: 606B

.upx0
Size: - Virtual size: 1.5MB

.upx1
Size: 3.1MB - Virtual size: 3.1MB

.reloc
Size: 512B - Virtual size: 156B