0938a85c21d45a41aede06090f935bd39882c7ce93f9963bf661d466ab0b6e7a

Sharing

Copy URL Twitter E-mail

General

Target

0938a85c21d45a41aede06090f935bd39882c7ce93f9963bf661d466ab0b6e7a
Size

305KB
MD5

fd56c784e5a128d0ec24e844c3e731e2
SHA1

3c3b79eadc75ade3a1fbb57f68ed180d3fe90e7b
SHA256

0938a85c21d45a41aede06090f935bd39882c7ce93f9963bf661d466ab0b6e7a
SHA512

8c37a962b7a1bad43406e57b2b752975021b994e31b364a3f6a1a28ae8073a16ea9f55c262041325c7651ca669040f1e8e54f3c6086298b838251fe44a8c54b2
SSDEEP

3072:1J4gmbY06JEiwT6qdcNwU1VyVt2FPEJSsAFoA4UsUkwr7bCu9j4Acy+AnZiun5Sc:1y3kXqRk12t2S0smx7riAcy+AnZI+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0938a85c21d45a41aede06090f935bd39882c7ce93f9963bf661d466ab0b6e7a

Files

0938a85c21d45a41aede06090f935bd39882c7ce93f9963bf661d466ab0b6e7a
.dll windows:5 windows x86

0ece239e2d978868f58cec98a3dd5796

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WritePrivateProfileSectionA
GetPrivateProfileSectionA
InterlockedIncrement
GetProcAddress
LoadLibraryA
WritePrivateProfileStringA
WideCharToMultiByte
GetCurrentProcess
FindClose
FindFirstFileA
InitializeCriticalSection
CloseHandle
CreateFileA
GetModuleFileNameA
SetLastError
GetModuleHandleA
TerminateProcess
GetExitCodeProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
WinExec
GetProcessHeap
MultiByteToWideChar
GetLastError
InterlockedDecrement
GetPrivateProfileIntA
GetCurrentThreadId
Sleep
lstrlenA
GetTickCount
DeleteFileA
LocalFree
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
InterlockedExchange
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
HeapSize
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
RtlUnwind
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCommandLineA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
WriteFile
GetConsoleCP
GetConsoleMode
ExitProcess
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
ReadFile
FlushFileBuffers
SetFilePointer
LCMapStringA
LCMapStringW

user32

wsprintfA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitialize

oleaut32

GetErrorInfo
SysAllocString
VariantClear
SysFreeString

Exports

Exports

CreatePluginInstance
DeletePluginInstance

Sections

.text
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ece239e2d978868f58cec98a3dd5796

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 154KB - Virtual size: 154KB

.rdata Size: 102KB - Virtual size: 101KB

.data Size: 6KB - Virtual size: 13KB

.reloc Size: 41KB - Virtual size: 41KB

.text
Size: 154KB - Virtual size: 154KB

.rdata
Size: 102KB - Virtual size: 101KB

.data
Size: 6KB - Virtual size: 13KB

.reloc
Size: 41KB - Virtual size: 41KB