32de5d00cc9a274613709936425289eaa196421d62eaa0cb3e2c814176cb6287

General

Target

32de5d00cc9a274613709936425289eaa196421d62eaa0cb3e2c814176cb6287
Size

18KB
MD5

cea216c7eda5afc5bc21eace26160332
SHA1

0db042f57c9d69cce187e026858d915b70a694ad
SHA256

32de5d00cc9a274613709936425289eaa196421d62eaa0cb3e2c814176cb6287
SHA512

91b3ad573bf0eac948ab887d26e804860e8146791e82c0a3c8148ef2b60c7b12ffc3d79e6a918ff3c89eef329041670ff0189556a33f4fc1f83af9bf03c448b0
SSDEEP

192:ADFVJFtn9YfKgPNAsDq8ZjAbl2ARiY/jMKRt:gVJTUKgPNAsG8Zje5RiY/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32de5d00cc9a274613709936425289eaa196421d62eaa0cb3e2c814176cb6287

Files

32de5d00cc9a274613709936425289eaa196421d62eaa0cb3e2c814176cb6287
.dll windows:5 windows x64

00dbe926bd02ebc0f20fb8f887217ea9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
memcpy
memset
__CxxFrameHandler
free

kernel32

IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
GetCurrentProcess
Sleep
GetLastError
WaitForSingleObject
TerminateProcess
CreateThread
VirtualProtect
ExitThread
ExitProcess

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

ws2_32

htonl
ntohl

Exports

Exports

launch_v100

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

00dbe926bd02ebc0f20fb8f887217ea9

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 784KB

.pdata Size: 512B - Virtual size: 240B

.gfids Size: 512B - Virtual size: 4B

.tls Size: 512B - Virtual size: 2B

.reloc Size: 512B - Virtual size: 32B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 784KB

.pdata
Size: 512B - Virtual size: 240B

.gfids
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 2B

.reloc
Size: 512B - Virtual size: 32B