8eec6ef6a0aa8bcf7ec159277487e39d02e8b6d9903ec5a246a0a32a3bb843e2

Sharing

Copy URL

Twitter E-mail

General

Target

8eec6ef6a0aa8bcf7ec159277487e39d02e8b6d9903ec5a246a0a32a3bb843e2
Size

8.2MB
MD5

4afe6223317c8baa6d393bd67f98af4f
SHA1

fceb5167ea1ce8ab0fc07363f5577ed35b6e92b3
SHA256

8eec6ef6a0aa8bcf7ec159277487e39d02e8b6d9903ec5a246a0a32a3bb843e2
SHA512

477aa2abbdffc62244b5210087a6975f419b8d2b97a966605e73e53d85d12f8bf854ac71a76fa518c9826a9cd651fd34eed07ec9b66f411ba7c8110bb8b84180
SSDEEP

196608:eys5oTENljh3O+E3rirJ2YbdMCE5Fr7NhEp:eys5oQ3jhQuTdLE5l7gp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8eec6ef6a0aa8bcf7ec159277487e39d02e8b6d9903ec5a246a0a32a3bb843e2

Files

8eec6ef6a0aa8bcf7ec159277487e39d02e8b6d9903ec5a246a0a32a3bb843e2
.dll windows:6 windows x64

5443802b1850de56cd9540bd4c29ddce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

IsBadReadPtr
GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CallWindowProcW
CharUpperBuffW

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z

ws2_32

closesocket

version

GetFileVersionInfoW

vcruntime140

__CxxFrameHandler3

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

_wcslwr

api-ms-win-crt-convert-l1-1-0

_itoa

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-heap-l1-1-0

_callnewh

api-ms-win-crt-filesystem-l1-1-0

_access

api-ms-win-crt-math-l1-1-0

sin

Sections

.text
Size: - Virtual size: 1001KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.DWT
Size: - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.%^Q
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9xD
Size: 8.2MB - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5443802b1850de56cd9540bd4c29ddce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

ws2_32

version

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-math-l1-1-0

Sections

.text Size: - Virtual size: 1001KB

.rdata Size: - Virtual size: 344KB

.data Size: - Virtual size: 1.1MB

.pdata Size: - Virtual size: 27KB

.gfids Size: - Virtual size: 44B

.DWT Size: - Virtual size: 5.6MB

.%^Q Size: 3KB - Virtual size: 2KB

.9xD Size: 8.2MB - Virtual size: 8.2MB

.reloc Size: 512B - Virtual size: 196B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: - Virtual size: 1001KB

.rdata
Size: - Virtual size: 344KB

.data
Size: - Virtual size: 1.1MB

.pdata
Size: - Virtual size: 27KB

.gfids
Size: - Virtual size: 44B

.DWT
Size: - Virtual size: 5.6MB

.%^Q
Size: 3KB - Virtual size: 2KB

.9xD
Size: 8.2MB - Virtual size: 8.2MB

.reloc
Size: 512B - Virtual size: 196B

.rsrc
Size: 1KB - Virtual size: 1KB