19b287a4682b6cb4093352b18c6cd3977f4bfc717804915053ce0b2255dda774

Sharing

Copy URL Twitter E-mail

General

Target

19b287a4682b6cb4093352b18c6cd3977f4bfc717804915053ce0b2255dda774
Size

41KB
MD5

e0eda59320dc34ce85452d67954301ea
SHA1

32bc46c998eba246cb1e948dece3bacbef39e278
SHA256

19b287a4682b6cb4093352b18c6cd3977f4bfc717804915053ce0b2255dda774
SHA512

7ae122a2e37fd791bdbf22eb5d6daef77a04540edfa925c6edb312c2097dc818b487d3298b9980152e295a79acd16ba20937bba29cebcebe27a9b4c3b37f74b9
SSDEEP

768:/OOAcbweQvGJmZXIZ23rFh0B261tIJ3aycKNb82ZDukXOlANO:Ap5hUIJ3XDdOlOO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19b287a4682b6cb4093352b18c6cd3977f4bfc717804915053ce0b2255dda774

Files

19b287a4682b6cb4093352b18c6cd3977f4bfc717804915053ce0b2255dda774
.dll windows x64

8122ddd067f396fc261e36486ddf261e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mfc100u

ord3611
ord6954
ord6959
ord4826
ord12165
ord4989
ord12163
ord5637
ord3163
ord6451
ord10805
ord5338
ord12251
ord2354
ord8038
ord10845
ord7870
ord9747
ord10101
ord9216
ord2885
ord2884
ord2663
ord369
ord5582
ord2102
ord3261
ord5340
ord12255
ord2794
ord2791
ord9024
ord7088
ord2355
ord13766
ord13768
ord13767
ord13765
ord13769
ord13752
ord13680
ord13681
ord7968
ord10763
ord3282
ord10626
ord13001
ord7803
ord10892
ord5998
ord9734
ord8084
ord2760
ord12359
ord10928
ord10926
ord1479
ord1486
ord1492
ord1490
ord4610
ord4228
ord4265
ord4236
ord4248
ord4244
ord4240
ord4270
ord4261
ord4232
ord4274
ord4253
ord4219
ord4223
ord4256
ord3857
ord4935
ord13687
ord3850
ord2577
ord7961
ord6837
ord13009
ord12926
ord5910
ord10414
ord12208
ord5064
ord2286
ord10798
ord3362
ord2859
ord2858
ord2759
ord10841
ord885
ord7573
ord3998
ord4043
ord959
ord411
ord2019
ord11212
ord2025
ord957
ord2444
ord10642
ord409
ord2029
ord1991
ord3969
ord2439
ord11012
ord898
ord324
ord291
ord7608
ord287
ord6660
ord6670
ord6669
ord4457
ord4612
ord4476
ord4715
ord8174
ord4907
ord4737
ord4473
ord1457
ord12842
ord12836
ord12434
ord266
ord4348
ord11175
ord296
ord280
ord286
ord890
ord1288
ord1290
ord2533
ord11480
ord7222
ord2541
ord285
ord5052
ord1276
ord2023
ord2015
ord1900
ord5112
ord8037
ord13003
ord7096
ord857
ord11828
ord1248
ord1919
ord3486
ord926
ord396
ord1953
ord457
ord7359
ord1424
ord5300
ord998
ord992
ord858
ord1697
ord4005
ord1249
ord4131
ord1497
ord1278

msvcr100

?_type_info_dtor_internal_method@type_info@@QEAAXXZ
free
malloc
__C_specific_handler
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_initterm
_initterm_e
__CxxFrameHandler3
_CxxThrowException
__clean_type_info_names_internal
__crt_debugger_hook
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_encoded_null

kernel32

GetModuleFileNameW
GetPrivateProfileStringW
EncodePointer
DecodePointer
Sleep
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
LocalFree
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter

user32

EnableWindow
MessageBoxW
SendMessageW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
OleRun

oleaut32

SysFreeString
SysStringByteLen
VariantChangeType
VariantInit
SysAllocStringByteLen
VariantCopy
VariantClear
SysAllocString
GetErrorInfo

Exports

Exports

ReadStdPartIntegrationData

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 686B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8122ddd067f396fc261e36486ddf261e

Headers

DLL Characteristics

File Characteristics

Imports

mfc100u

msvcr100

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 1020B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 686B

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 1020B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 686B