97d3a665f0d45cf5a1e4aa189df7a0ce81d98ed13a8fe66e56bd11edcae7b246

Sharing

Copy URL Twitter E-mail

General

Target

97d3a665f0d45cf5a1e4aa189df7a0ce81d98ed13a8fe66e56bd11edcae7b246
Size

852KB
MD5

fb3000ae75e4c6a2c3d391b96dcd1422
SHA1

9a3126b638a63725c8352cb96b6ffabd80d85d81
SHA256

97d3a665f0d45cf5a1e4aa189df7a0ce81d98ed13a8fe66e56bd11edcae7b246
SHA512

5a6b374461a9eb2c4a85a57c8fb18b1b912ef59306dcbdacd497d0070e51fb078bd4da011f7a53410bd502f158008061e4bf20c9bfaaaff917d3b861cd400a23
SSDEEP

24576:mo4QiNeL0gdez62q9dZPbWgj65xcwIM4hJZ9RDro3p8TR6em4nuOEjYHqDXCU1b+:h4QiNzgdez62q7ZPbWgu5xcwIM4hJZ99

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97d3a665f0d45cf5a1e4aa189df7a0ce81d98ed13a8fe66e56bd11edcae7b246

Files

97d3a665f0d45cf5a1e4aa189df7a0ce81d98ed13a8fe66e56bd11edcae7b246
.dll windows:4 windows x64

95cebeb1aa5f958ccf3de0f06fb89efe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libgcc_s_seh-1

__emutls_get_address

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
Sleep
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_amsg_exit
_errno
_filelengthi64
_fileno
_initterm
_localtime64
_lock
_setmode
_unlock
_wfopen
abort
calloc
clearerr
exit
fclose
ferror
fflush
fgetc
fgetpos
fputc
fread
free
fsetpos
fwrite
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
realloc
setvbuf
signal
strerror
strlen
strncmp
ungetc
vfprintf
wcschr
wcslen

user32

MessageBoxA

Exports

Exports

NimMain
Update

Sections

.text
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95cebeb1aa5f958ccf3de0f06fb89efe

Headers

DLL Characteristics

File Characteristics

Imports

libgcc_s_seh-1

kernel32

msvcrt

user32

Exports

Exports

Sections

.text Size: 654KB - Virtual size: 653KB

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 154KB - Virtual size: 154KB

.pdata Size: 15KB - Virtual size: 15KB

.xdata Size: 17KB - Virtual size: 17KB

.bss Size: - Virtual size: 5KB

.edata Size: 512B - Virtual size: 88B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 654KB - Virtual size: 653KB

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 154KB - Virtual size: 154KB

.pdata
Size: 15KB - Virtual size: 15KB

.xdata
Size: 17KB - Virtual size: 17KB

.bss
Size: - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 88B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 1KB