e8edb3dc0ab1939ec3f9cae5fab108725c79ced30b13bb77a795a07e6ecfcba1

Sharing

Copy URL Twitter E-mail

General

Target

e8edb3dc0ab1939ec3f9cae5fab108725c79ced30b13bb77a795a07e6ecfcba1
Size

1.4MB
MD5

c8b9afe6f9e34ed0cc4f28c3cbce502e
SHA1

a3ce4f41eb422cbde26fcc44cb42f2502dffbd55
SHA256

e8edb3dc0ab1939ec3f9cae5fab108725c79ced30b13bb77a795a07e6ecfcba1
SHA512

9da2a58351ba9a7582c265669042510dafea74de4119ed27ddae92690ae59d2d6573168944114c84f0042423808defe09be599306d94c533f3a7578e8f117c78
SSDEEP

24576:vBX8dEItzX/QVgXsYKpRcoXri8CDMbsL+6EYa54XA:ZXsd5I+cYKpPYDMsL+6EYn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e8edb3dc0ab1939ec3f9cae5fab108725c79ced30b13bb77a795a07e6ecfcba1

Files

e8edb3dc0ab1939ec3f9cae5fab108725c79ced30b13bb77a795a07e6ecfcba1
.dll windows:6 windows x86

eb5eab120dcd2c86a3fd4f27814ab7a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetStdHandle
Sleep
GetTimeZoneInformation
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
GetFileSizeEx
ReadFile
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
GetStartupInfoW
GetModuleHandleW
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
VirtualQuery
FreeLibrary
GetProcAddress
FormatMessageA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
LocalFree
EncodePointer
DecodePointer
LCMapStringEx
GetLocaleInfoEx
GetStringTypeW
CompareStringEx
GetCPInfo
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetModuleFileNameW
LoadLibraryExW
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
HeapValidate
GetSystemInfo
GetModuleHandleExW
ExitProcess
GetCurrentThread
GetStdHandle
GetFileType
HeapReAlloc
HeapSize
HeapQueryInformation
OutputDebugStringW
WriteConsoleW
SetConsoleCtrlHandler
CloseHandle
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
CreateFileW

advapi32

RegOpenKeyExA
RegCloseKey
RegGetValueA
RegEnumKeyExA

ws2_32

WSACleanup
WSAStartup
socket
setsockopt
sendto
WSAGetLastError
inet_ntoa
inet_addr
htons
htonl
closesocket
bind
recvfrom

iphlpapi

GetAdaptersInfo

Exports

Exports

addThePrinter
getPrinters

Sections

.textbss
Size: - Virtual size: 551KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 235KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.msvcjmc
Size: 1024B - Virtual size: 551B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 806B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eb5eab120dcd2c86a3fd4f27814ab7a0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

iphlpapi

Exports

Exports

Sections

.textbss Size: - Virtual size: 551KB

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 235KB - Virtual size: 235KB

.data Size: 9KB - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 3KB

.msvcjmc Size: 1024B - Virtual size: 551B

.00cfg Size: 512B - Virtual size: 270B

.rsrc Size: 1024B - Virtual size: 806B

.reloc Size: 40KB - Virtual size: 39KB

.textbss
Size: - Virtual size: 551KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 235KB - Virtual size: 235KB

.data
Size: 9KB - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 3KB

.msvcjmc
Size: 1024B - Virtual size: 551B

.00cfg
Size: 512B - Virtual size: 270B

.rsrc
Size: 1024B - Virtual size: 806B

.reloc
Size: 40KB - Virtual size: 39KB