c67fb27f856353cdfaf07a75470e539760422283bbbdcd544ef1422ced7b223b

Sharing

Copy URL Twitter E-mail

General

Target

c67fb27f856353cdfaf07a75470e539760422283bbbdcd544ef1422ced7b223b
Size

6.7MB
MD5

537eab5480ef3208e054133832b66c4a
SHA1

4b05aa882f7253d618e37de67f5684726307cda7
SHA256

c67fb27f856353cdfaf07a75470e539760422283bbbdcd544ef1422ced7b223b
SHA512

2ccc581a80a811d387ebc411b2b37882bc5e04449bf6dce39710dec179616283dd992edd9dfbef140b5cde6c1765b75c177158a1e608bd9b5d7987c7488b10bb
SSDEEP

98304:s8Y/QSirHv2RKR7dJvhKY1RLm5WylFVifrkmoLmhSJPvtA9Pjlf:52irHF7dJvhKY1RL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c67fb27f856353cdfaf07a75470e539760422283bbbdcd544ef1422ced7b223b

Files

c67fb27f856353cdfaf07a75470e539760422283bbbdcd544ef1422ced7b223b
.dll windows:4 windows x64

928b316f3126865cdd91c5fd11b09dbf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

oleaut32

SysStringLen
VariantClear
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
SysAllocStringLen

user32

CharUpperW
CharPrevExA

advapi32

SystemFunction036

msvcrt

strchr
_purecall
memset
free
malloc
strlen
__CxxFrameHandler
realloc
strstr
wcscmp
strcmp
memmove
_CxxThrowException
memcpy
memcmp
exit
__C_specific_handler
_beginthreadex
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
Sleep
CreateEventW
SetThreadAffinityMask
ResumeThread
WaitForSingleObject
SetEvent
DeleteFileW
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
QueryPerformanceCounter
GetOEMCP
DeleteCriticalSection
LocalFileTimeToFileTime
WaitForMultipleObjects
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalMemoryStatusEx
GetSystemInfo
GetCurrentProcess
GetProcessAffinityMask
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareFileTime
WriteFile
ReadFile
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
SetFileTime
CreateFileW
SetFileAttributesW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
GetTempPathW
SetLastError
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
GetFileInformationByHandle
FindClose
FindFirstFileW
GetModuleHandleA
GetFileAttributesW

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetModuleProp
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

928b316f3126865cdd91c5fd11b09dbf

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 344KB - Virtual size: 343KB

.data Size: 1KB - Virtual size: 35KB

.pdata Size: 76KB - Virtual size: 76KB

.rsrc Size: 5.0MB - Virtual size: 5.0MB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 344KB - Virtual size: 343KB

.data
Size: 1KB - Virtual size: 35KB

.pdata
Size: 76KB - Virtual size: 76KB

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

.reloc
Size: 13KB - Virtual size: 12KB