0c65d6801b6710159897b5e5f512850e2589ba5a8d2f5852d4020910f7e31896

Sharing

Copy URL Twitter E-mail

General

Target

0c65d6801b6710159897b5e5f512850e2589ba5a8d2f5852d4020910f7e31896
Size

59KB
MD5

6b01e39dbbba68718d4be24099d8dde0
SHA1

eb0f5aeb16385bc102e116bb8e13a2254249290d
SHA256

0c65d6801b6710159897b5e5f512850e2589ba5a8d2f5852d4020910f7e31896
SHA512

7d0678e0da54d05eb0ec8b1b1b17a04df0870c07d5c19d8c5ff8c216cbf7b6a2756e7757f08cb43a152f8453be0a8e3e89c916f7a6ea2f5c2f0d97c9cf01abe4
SSDEEP

768:SPI3Lf5VX0jEmhCL/0fI6D2cw7SkV4AziwD9S0dMZUf13D3b3:CgNL/0f9zwXV4AziwRS0i4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c65d6801b6710159897b5e5f512850e2589ba5a8d2f5852d4020910f7e31896

Files

0c65d6801b6710159897b5e5f512850e2589ba5a8d2f5852d4020910f7e31896
.dll windows:6 windows x64

1abe9e961217dbc7b1f380ca5edbcde8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

EnableWindow
SetWindowLongPtrW
SetDlgItemTextW
SendMessageW
SendDlgItemMessageW
RegisterClipboardFormatW
LoadStringW
GetWindowLongPtrW
GetParent
GetDlgItem
EndDialog
DialogBoxParamW

comctl32

CreatePropertySheetPageW

ole32

ReleaseStgMedium

msvcrt

_amsg_exit
free
_snwprintf
wcslen
wcscpy
memcpy
memcmp
_initterm
memset

kernel32

GlobalUnlock
TlsGetValue
LeaveCriticalSection
InitializeCriticalSection
GetLastError
LocalAlloc
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
EnterCriticalSection
LocalFree
GetCurrentProcessId
Sleep
GlobalLock
GetProcessHeap
HeapAlloc
GetProcAddress
FreeLibrary
DisableThreadLibraryCalls
HeapFree
LoadLibraryW

ntdll

DbgPrint

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1abe9e961217dbc7b1f380ca5edbcde8

Headers

DLL Characteristics

File Characteristics

Imports

user32

comctl32

ole32

msvcrt

kernel32

ntdll

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 276B

.pdata Size: 1024B - Virtual size: 576B

.rsrc Size: 42KB - Virtual size: 42KB

.reloc Size: 512B - Virtual size: 60B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 276B

.pdata
Size: 1024B - Virtual size: 576B

.rsrc
Size: 42KB - Virtual size: 42KB

.reloc
Size: 512B - Virtual size: 60B