e987354a96b477a59c2b4fa797f7b161681d9c80efbe5fc16ec28184d5b70d25

Sharing

Copy URL

Twitter E-mail

General

Target

e987354a96b477a59c2b4fa797f7b161681d9c80efbe5fc16ec28184d5b70d25
Size

11.6MB
MD5

6698b8b9ff4bf7f4d6e91f2844eeb98c
SHA1

f4547014d1ba2ebf97e9beca07035da1d54c800a
SHA256

e987354a96b477a59c2b4fa797f7b161681d9c80efbe5fc16ec28184d5b70d25
SHA512

4651b61d0048cc5f7f21ba3ffcd8cf70e0e871eca48ac051df6d376127c37162d2c45fcc0ee7bccdc4ad957e39cbde0d8c63767ad984b90037012ab13dfdfa2a
SSDEEP

196608:VgiQOr1U3tNN16iE857TRwAdPNtc/757uUZp9F7AsHu/kgZ1MveagYJ6:VEo1U3tNN1ZE8NTS81tc/t7ugHAkuImg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e987354a96b477a59c2b4fa797f7b161681d9c80efbe5fc16ec28184d5b70d25

Files

e987354a96b477a59c2b4fa797f7b161681d9c80efbe5fc16ec28184d5b70d25
.dll regsvr32 windows:5 windows x64

0e31ba4afb3defdaadcd457932fea953

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

msvcrt

__iob_func

Exports

Exports

DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
StartW

Sections

.text
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

..rZ
Size: - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.w`!
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kmC
Size: 11.5MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e31ba4afb3defdaadcd457932fea953

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: - Virtual size: 7KB

.data Size: - Virtual size: 1KB

.rdata Size: - Virtual size: 1KB

.pdata Size: - Virtual size: 684B

.xdata Size: - Virtual size: 516B

.bss Size: - Virtual size: 2KB

.edata Size: - Virtual size: 176B

.idata Size: - Virtual size: 1KB

.CRT Size: - Virtual size: 88B

.tls Size: - Virtual size: 16B

..rZ Size: - Virtual size: 6.7MB

.w`! Size: 2KB - Virtual size: 2KB

.kmC Size: 11.5MB - Virtual size: 11.5MB

.reloc Size: 512B - Virtual size: 264B

.text
Size: - Virtual size: 7KB

.data
Size: - Virtual size: 1KB

.rdata
Size: - Virtual size: 1KB

.pdata
Size: - Virtual size: 684B

.xdata
Size: - Virtual size: 516B

.bss
Size: - Virtual size: 2KB

.edata
Size: - Virtual size: 176B

.idata
Size: - Virtual size: 1KB

.CRT
Size: - Virtual size: 88B

.tls
Size: - Virtual size: 16B

..rZ
Size: - Virtual size: 6.7MB

.w`!
Size: 2KB - Virtual size: 2KB

.kmC
Size: 11.5MB - Virtual size: 11.5MB

.reloc
Size: 512B - Virtual size: 264B