ca1522bc10c78f7ca00c1fc8e2f21ed6b33ebf1de2b0726112c406ac467ef60c

Sharing

Copy URL

Twitter E-mail

General

Target

ca1522bc10c78f7ca00c1fc8e2f21ed6b33ebf1de2b0726112c406ac467ef60c
Size

601KB
MD5

437aa5dd7eb0ff647f033dcdaddc0fb6
SHA1

8b71c116cb1e797f44ce78553f5f62c3011f6661
SHA256

ca1522bc10c78f7ca00c1fc8e2f21ed6b33ebf1de2b0726112c406ac467ef60c
SHA512

99d1b699aa6bd41393c291808135858455e929c9cfecadbce4bbe98abccffd04a09078ca718ef892f14bab22b06555eef3bddc73dc5b6e6c077155b963a65e3f
SSDEEP

12288:MtxogizSC7dikq+izSCan8aE9JizSCv/3:M7kJTE4XX/3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca1522bc10c78f7ca00c1fc8e2f21ed6b33ebf1de2b0726112c406ac467ef60c

Files

ca1522bc10c78f7ca00c1fc8e2f21ed6b33ebf1de2b0726112c406ac467ef60c
.dll windows:6 windows x86

e4e223afbdc26b467e1812735ea5bd1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSACleanup
WSAStartup
inet_addr
send
socket
connect
recv
htons
WSAGetLastError

kernel32

SizeofResource
GetCurrentProcess
WriteFile
FindResourceA
WaitForSingleObject
LocalAlloc
GetModuleHandleA
MultiByteToWideChar
GetTempPathA
CreateFileA
DisableThreadLibraryCalls
LockResource
IsProcessorFeaturePresent
CloseHandle
LoadResource
GetProcAddress
LocalFree
GetCurrentProcessId
CreateProcessA
GlobalUnlock
GetTickCount
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
DeleteFileA
EnterCriticalSection
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
IsDebuggerPresent

user32

MapVirtualKeyA
GetSystemMetrics

advapi32

AdjustTokenPrivileges
RegCloseKey
RegDeleteKeyA
LookupPrivilegeValueA
RegSetValueExA
OpenProcessToken
RegOpenKeyExA
RegCreateKeyA

ole32

CoCreateGuid

msvcp140

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z

vcruntime140

__std_type_info_destroy_list
memmove
__std_exception_destroy
__std_exception_copy
memset
__CxxFrameHandler3
_except_handler4_common
memchr
memcpy
_CxxThrowException

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf_s
__stdio_common_vswprintf
__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_initterm
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_exit
_seh_filter_dll
terminate
_cexit
_crt_atexit
_initterm_e

api-ms-win-crt-string-l1-1-0

isalnum

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

GSDrv_1
GSDrv_10
GSDrv_11
GSDrv_12
GSDrv_13
GSDrv_14
GSDrv_15
GSDrv_16
GSDrv_17
GSDrv_18
GSDrv_19
GSDrv_2
GSDrv_20
GSDrv_21
GSDrv_22
GSDrv_23
GSDrv_24
GSDrv_3
GSDrv_4
GSDrv_5
GSDrv_6
GSDrv_7
GSDrv_8
GSDrv_9

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmps0
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 539KB - Virtual size: 539KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4e223afbdc26b467e1812735ea5bd1e

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 1KB - Virtual size: 2KB

.vmps0 Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 539KB - Virtual size: 539KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 1KB - Virtual size: 2KB

.vmps0
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 539KB - Virtual size: 539KB