63ece37f6e2e30ad9449b35de7c2a3bf606a4d18577ce6b068c664386938364f

Sharing

Copy URL Twitter E-mail

General

Target

63ece37f6e2e30ad9449b35de7c2a3bf606a4d18577ce6b068c664386938364f
Size

1.8MB
MD5

930396bdc0b35fa46b47b1cd72564525
SHA1

dbd186517a05bd79062efb7a6718e314d39108fe
SHA256

63ece37f6e2e30ad9449b35de7c2a3bf606a4d18577ce6b068c664386938364f
SHA512

143d8c67839ec519390ed564cc20f2fd5e0cd9aa7f7d7562478abf93eb2bb64a521a81613abc94d5c9ac0c633f4f94af533f3638223802f517de25dd06642449
SSDEEP

24576:GjIzkQz+KpP6FQ58EoWRvetH13PRkqY7rTTESYYNfrgPMwEAtP9TbCNAxpk:hDim8EZe47rrrgPzEAtP9TbwAxpk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63ece37f6e2e30ad9449b35de7c2a3bf606a4d18577ce6b068c664386938364f

Files

63ece37f6e2e30ad9449b35de7c2a3bf606a4d18577ce6b068c664386938364f
.dll windows:6 windows x86

665c5de400b1aa473b6fc9e4c9a05257

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

closesocket
WSASetLastError
send
recv
WSAGetLastError
WSACleanup

kernel32

GetACP
IsValidCodePage
FindFirstFileExW
GetFullPathNameW
GetCurrentDirectoryW
FlushFileBuffers
DecodePointer
SetEndOfFile
GetConsoleCP
SetStdHandle
SetFilePointerEx
HeapAlloc
HeapFree
GetProcessHeap
WideCharToMultiByte
CreateFileW
CloseHandle
ReadFile
HeapCreate
HeapDestroy
HeapReAlloc
GetFileSizeEx
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentProcess
GetOEMCP
GetLastError
SetLastError
GetCurrentProcessId
SwitchToThread
GetModuleHandleA
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleHandleExW
GetStdHandle
GetEnvironmentVariableW
GetFileType
WriteFile
GetModuleHandleW
MultiByteToWideChar
DeleteFiber
TerminateProcess
GetSystemTimeAsFileTime
ConvertFiberToThread
FreeLibrary
LoadLibraryA
HeapSize
FindClose
FindFirstFileW
FindNextFileW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
LCMapStringW
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetTimeZoneInformation
LoadLibraryW
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
EncodePointer
LoadLibraryExW
GetModuleFileNameW
WriteConsoleW
ExitProcess
SetConsoleCtrlHandler
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
OutputDebugStringW
CompareStringW

user32

GetUserObjectInformationW
GetProcessWindowStation
MessageBoxW

advapi32

CryptGenRandom
CryptReleaseContext
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource

Exports

Exports

xGetClassObject

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

665c5de400b1aa473b6fc9e4c9a05257

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 420KB - Virtual size: 419KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 56KB - Virtual size: 55KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 420KB - Virtual size: 419KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 56KB - Virtual size: 55KB