6f50f2a4a5881eaaab4e401ce539b89921c5ea6ac5ca3301a2e977ccc1d7db04

Sharing

Copy URL Twitter E-mail

General

Target

6f50f2a4a5881eaaab4e401ce539b89921c5ea6ac5ca3301a2e977ccc1d7db04
Size

303KB
MD5

9b999c559222f677b2c8dc1505e1044a
SHA1

8c1a9abe80b95addb9cc1761daa5c767f0701eb2
SHA256

6f50f2a4a5881eaaab4e401ce539b89921c5ea6ac5ca3301a2e977ccc1d7db04
SHA512

eec3d145dd390ff4043e7607627e4920966b8eece6b6e69912f3690c1349b82e49bb22d04043e5a0c90380b93923a091bf034a319557696638f2a2605ff9a4c5
SSDEEP

6144:mKUovm4z/iMO1Pr0mM8m82r4E87ySWex9AO9bG:mKM4/iMZB8m82GB9/K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f50f2a4a5881eaaab4e401ce539b89921c5ea6ac5ca3301a2e977ccc1d7db04

Files

6f50f2a4a5881eaaab4e401ce539b89921c5ea6ac5ca3301a2e977ccc1d7db04
.dll windows:6 windows x86

474fec7fcd7d78169371d1c4fa47aace

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenProcess
CreateToolhelp32Snapshot
MultiByteToWideChar
GetLastError
Process32NextW
GetCurrentThread
TerminateThread
Process32FirstW
CloseHandle
GetNativeSystemInfo
VirtualProtectEx
GetProcAddress
VirtualAllocEx
ReadProcessMemory
GetCurrentProcessId
GetModuleHandleW
WideCharToMultiByte
VirtualFreeEx
IsWow64Process
VirtualQueryEx
CreateFileW
WaitForSingleObject
VirtualAlloc
GetCurrentProcess
VirtualFree
WriteProcessMemory
HeapSize
ReadConsoleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetStringTypeW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
HeapAlloc
SetStdHandle
GetFileType
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
GetStdHandle
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
ReadFile
GetFileSizeEx
SetFilePointerEx
WriteConsoleW

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
RegCloseKey
OpenProcessToken
RegOpenKeyExW
OpenThreadToken
RegQueryValueExW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Exports

Exports

capi_GetCurrentAppVersion
capi_GetPushStreamUrl
capi_GetSupportAppVersion
capi_Init
capi_UnInit

Sections

.text
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

474fec7fcd7d78169371d1c4fa47aace

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

version

Exports

Exports

Sections

.text Size: 218KB - Virtual size: 217KB

.rdata Size: 67KB - Virtual size: 66KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 218KB - Virtual size: 217KB

.rdata
Size: 67KB - Virtual size: 66KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 10KB