69546c740cf876dbfe9f4e0642fa32178acccddaaf1e2abb3ef45ce1a5dfe77e

Sharing

Copy URL

Twitter E-mail

General

Target

69546c740cf876dbfe9f4e0642fa32178acccddaaf1e2abb3ef45ce1a5dfe77e
Size

2.0MB
MD5

7b82998a8978779ea029f36dc9560b47
SHA1

70181649c0ab7787a214e1e91937e745556d85c7
SHA256

69546c740cf876dbfe9f4e0642fa32178acccddaaf1e2abb3ef45ce1a5dfe77e
SHA512

fef028e02744b271dd355e6ee286ceb966fcb4e762009e8afb0982552cbd5243d592f1a1e2d0b0f6a9a94aaeaa3ca0818fc723c80910b3c310ad9189f3f502f9
SSDEEP

49152:P6yQDYm2GOdOfNqFZCdihQa+4brVCmwVdAWxpO:iyQl2G7HYQa+a8mOdAWxp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69546c740cf876dbfe9f4e0642fa32178acccddaaf1e2abb3ef45ce1a5dfe77e

Files

69546c740cf876dbfe9f4e0642fa32178acccddaaf1e2abb3ef45ce1a5dfe77e
.dll windows:5 windows x86

006b0811f054e3e425325e07b2f6bb32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

lz32

LZSeek
LZRead
GetExpandedNameW

msvcrt

feof
wcscoll

advapi32

InitiateSystemShutdownW
ControlService
SaferIdentifyLevel
SetSecurityDescriptorGroup

kernel32

OutputDebugStringA
GetBinaryTypeA
GetModuleFileNameW
GetModuleFileNameA
GetSystemTimeAsFileTime
InterlockedPushEntrySList
LeaveCriticalSection
EnterCriticalSection
GetExitCodeProcess
WaitForSingleObject
GetProcessHeap
VirtualAlloc
SetEvent
DeleteCriticalSection

gdi32

SetMapMode
GetCurrentObject

user32

CallMsgFilterA
ShowWindow
GetMessageA
SetWindowPlacement
ScreenToClient
GetUpdateRgn
PostQuitMessage
MoveWindow
SetWindowLongA
UpdateWindow
UnpackDDElParam

version

GetFileVersionInfoSizeW

setupapi

SetupDiDestroyDeviceInfoList

oleaut32

VarBoolFromR8
GetErrorInfo
LoadTypeLibEx

Exports

Exports

TzetselemwOt

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

006b0811f054e3e425325e07b2f6bb32

Headers

File Characteristics

Imports

lz32

msvcrt

advapi32

kernel32

gdi32

user32

version

setupapi

oleaut32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 36KB - Virtual size: 36KB

CONST Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 20KB - Virtual size: 17KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 36KB - Virtual size: 36KB

CONST
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 20KB - Virtual size: 17KB