519ae9bf35e9c29514467a6003143ce778406eaaa3b4dc8e3bcb303fc67ee2bd

Sharing

Copy URL Twitter E-mail

General

Target

519ae9bf35e9c29514467a6003143ce778406eaaa3b4dc8e3bcb303fc67ee2bd
Size

12.2MB
MD5

b544b66ad7956ab5b1f45d51d958fc65
SHA1

5136be7f11fa195fe86e47df3d3d485b51eed8b8
SHA256

519ae9bf35e9c29514467a6003143ce778406eaaa3b4dc8e3bcb303fc67ee2bd
SHA512

3c8f8f5619545e2195cac3c0ef526ee1c5fa43adefcc1275176065296a34fac7865a4c5df3eba3dd40204bdb5c0e81ab12a5860da3c6f6f8b9f56ab3fa709091
SSDEEP

393216:YFhdFDE2T1gpHZR1iqAA/+0V1z4TP/4MI:YF/FDE2Tep5ReA20r4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
519ae9bf35e9c29514467a6003143ce778406eaaa3b4dc8e3bcb303fc67ee2bd

Files

519ae9bf35e9c29514467a6003143ce778406eaaa3b4dc8e3bcb303fc67ee2bd
.dll windows x86

78e8dfe8b4e61030c8b3f8c0cc995878

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeviceIoControl
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

SetWindowPos
CharUpperBuffW

advapi32

DeleteService

shell32

SHAppBarMessage

ole32

CoUninitialize

shlwapi

PathFindFileNameA

ws2_32

htons

gdi32

CreateCompatibleDC

gdiplus

GdipCreateBitmapFromStream

msvcrt

_stricmp

Exports

Exports

GetClassObject
ȡָ��ı�_

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm0
Size: - Virtual size: 8.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vm1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm2
Size: 12.2MB - Virtual size: 12.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

78e8dfe8b4e61030c8b3f8c0cc995878

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

shlwapi

ws2_32

gdi32

gdiplus

msvcrt

Exports

Exports

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 9KB

.data Size: - Virtual size: 1.6MB

.vm0 Size: - Virtual size: 8.3MB

.vm1 Size: 4KB - Virtual size: 1KB

.vm2 Size: 12.2MB - Virtual size: 12.2MB

.reloc Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 816B

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 9KB

.data
Size: - Virtual size: 1.6MB

.vm0
Size: - Virtual size: 8.3MB

.vm1
Size: 4KB - Virtual size: 1KB

.vm2
Size: 12.2MB - Virtual size: 12.2MB

.reloc
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 816B