e208a3d4f1a1f695846e55e6bd7aec91073f734cf460617f3aaa8ca13ca0e549

Sharing

Copy URL Twitter E-mail

General

Target

e208a3d4f1a1f695846e55e6bd7aec91073f734cf460617f3aaa8ca13ca0e549
Size

179KB
MD5

032fd0a17cb5a009e1c93c52ad28895e
SHA1

6edb65e753ab98c07639528444681f9443298fe7
SHA256

e208a3d4f1a1f695846e55e6bd7aec91073f734cf460617f3aaa8ca13ca0e549
SHA512

ba0bef44bc77eda5a20077b49d11a539ecb80b1b1fd960c0f7fdb50559bd2c94af2323333e6b51a5d0d2d25412370777b845838f3fa058061c5476436840ce72
SSDEEP

3072:5QKWBjjTodBHLLtUBiNaa+nqyMfv2vjFNv5VKAg0Fuj0MwvjiOST:3u/TIBrR6iNalq3AOZcw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e208a3d4f1a1f695846e55e6bd7aec91073f734cf460617f3aaa8ca13ca0e549

Files

e208a3d4f1a1f695846e55e6bd7aec91073f734cf460617f3aaa8ca13ca0e549
.dll windows:6 windows x86

44154e6ccdc3fd70f5df8c373518e667

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
FileTimeToSystemTime
HeapReAlloc
CloseHandle
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GetModuleFileNameW
GetDriveTypeW
MultiByteToWideChar
WideCharToMultiByte
SetEndOfFile
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapSize
InitializeCriticalSectionEx
TerminateProcess
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
SetFilePointerEx
GetConsoleCP
HeapFree
GetProcAddress
FindClose
WriteFile
FlushFileBuffers
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
EncodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetModuleHandleW
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
CreateFileW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetACP
ReadFile
GetConsoleMode
ReadConsoleW
WriteConsoleW

user32

MessageBoxW

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44154e6ccdc3fd70f5df8c373518e667

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 53KB - Virtual size: 52KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 53KB - Virtual size: 52KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB