4b1f24919409516dc7612f4691bdc968a82aef7c46ee0364d3b124aa962bf356

Sharing

Copy URL

Twitter E-mail

General

Target

4b1f24919409516dc7612f4691bdc968a82aef7c46ee0364d3b124aa962bf356
Size

2.0MB
MD5

07e12f0fbe757b93db34f0327447fc61
SHA1

46dfec6269a6e1d787c3ed406b625dd986320023
SHA256

4b1f24919409516dc7612f4691bdc968a82aef7c46ee0364d3b124aa962bf356
SHA512

3a0a591c80c151e5f431be85cdec679ff598e3c362711024398050f2239a2b63b0d4fca97f0131ad94d332f1130348f9c67c0d54805915166515eac9a3b9f3fc
SSDEEP

49152:H2p3sB3BCrM0MYbAPl7q9ux7TjgS1W7fNPX9HAeTBq/:H53AM0MYbAhqUx7Tjg0W7J9Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b1f24919409516dc7612f4691bdc968a82aef7c46ee0364d3b124aa962bf356

Files

4b1f24919409516dc7612f4691bdc968a82aef7c46ee0364d3b124aa962bf356
.dll windows:5 windows x86

6fee5dfccd4c8d541f241abcedfb862d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapSize
DecodePointer
DeleteCriticalSection
GetVersionExA
CloseHandle
SetFileAttributesW
FindResourceExW
FindResourceW
LoadResource
WideCharToMultiByte
SizeofResource
GetPrivateProfileStringA
LockResource
MapViewOfFile
UnmapViewOfFile
GetTickCount
GetCommandLineA
InitializeCriticalSection
Sleep
LeaveCriticalSection
GetSystemDirectoryA
EnterCriticalSection
CreateFileMappingA
GetModuleFileNameA
CreateMutexA
OutputDebugStringA
OpenFileMappingA
DeleteFileA
CreateThread
SystemTimeToFileTime
GetProcAddress
GetModuleHandleA
GetSystemTime
WaitForSingleObject
VirtualFree
SetLastError
VirtualAlloc
LoadLibraryA
CreateEventA
QueryPerformanceCounter
MultiByteToWideChar
GetLocalTime
FindResourceA
GetCurrentThread
GetTempPathA
SetEvent
ExpandEnvironmentStringsA
GetLastError
CopyFileA
GetPrivateProfileSectionA
GetCurrentProcess
SetFilePointerEx
GlobalAlloc
CreateProcessA
FlushFileBuffers
SetFileAttributesA
GlobalFree
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
OutputDebugStringW
WriteConsoleW
SetStdHandle
RaiseException
CreateFileW
ReadFile
HeapDestroy
HeapReAlloc
InitializeCriticalSectionAndSpinCount
WriteFile
GetProcessHeap
CreateDirectoryW
HeapFree
HeapAlloc
SetFilePointer
LCMapStringW
LoadLibraryExW
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetFileType
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileSize
CreateFileA
CreateDirectoryA
EncodePointer
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RtlUnwind
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetStdHandle
GetModuleFileNameW
SetEndOfFile

advapi32

RegOpenKeyExA
CryptAcquireContextA
CryptGenRandom
SetSecurityDescriptorDacl
RegCreateKeyA
InitializeSecurityDescriptor
RegSetValueExA
RegCloseKey
RegQueryValueExA
CryptReleaseContext

ole32

CoInitialize

shlwapi

PathFileExistsA

ws2_32

shutdown
bind
listen
accept
connect
recv
send
WSAStartup
recvfrom
WSAGetLastError
setsockopt
sendto
WSACleanup
socket
closesocket
gethostbyaddr
gethostbyname
ntohs
inet_addr
getpeername
htons

rpcrt4

UuidCreate

iphlpapi

SendARP
GetAdaptersInfo

Sections

.text
Size: 346KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6fee5dfccd4c8d541f241abcedfb862d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

shlwapi

ws2_32

rpcrt4

iphlpapi

Sections

.text Size: 346KB - Virtual size: 346KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 14KB - Virtual size: 39KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 15KB - Virtual size: 14KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 346KB - Virtual size: 346KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 14KB - Virtual size: 39KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 15KB - Virtual size: 14KB

.rmnet
Size: 56KB - Virtual size: 60KB