bb09f50ba2dfd81caedd781b2378bed18351bee4a2e418a22d7e6c4092995898

Sharing

Copy URL Twitter E-mail

General

Target

bb09f50ba2dfd81caedd781b2378bed18351bee4a2e418a22d7e6c4092995898
Size

24KB
MD5

b3b81a56874349f4a58946dd81ad5710
SHA1

51d1876bf57142be1a6dc02715176d6cab2a8bb7
SHA256

bb09f50ba2dfd81caedd781b2378bed18351bee4a2e418a22d7e6c4092995898
SHA512

32ebdfa6e5f4b0c7f58acd3bdda2a9c76e00d558e9329bc9b1e62510762f2f1bd8717f8970306834400eaebc9fb5a7361d1c1576fc0c74ce5eb78232be6b6b02
SSDEEP

384:2VD6WLmU9jAoGAZ7cttmjgie6FW9Y/bVxn:M9M6XFDVxn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb09f50ba2dfd81caedd781b2378bed18351bee4a2e418a22d7e6c4092995898

Files

bb09f50ba2dfd81caedd781b2378bed18351bee4a2e418a22d7e6c4092995898
.dll windows:5 windows x64

f2f92fa9d816388e46c44adf128ef8e1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcrt

malloc
_errno
memcpy
memset
__CxxFrameHandler
_callnewh
_CxxThrowException
free

kernel32

IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
GetCurrentProcess
Sleep
GetLastError
WaitForSingleObject
TerminateProcess
CreateThread
VirtualProtect
ExitThread
ExitProcess
GetCurrentThreadId

advapi32

CryptAcquireContextA
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext

ws2_32

ntohs
htonl
ntohl

Exports

Exports

launch_v100

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2f92fa9d816388e46c44adf128ef8e1

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 784KB

.pdata Size: 1024B - Virtual size: 696B

.gfids Size: 512B - Virtual size: 32B

.tls Size: 512B - Virtual size: 2B

.reloc Size: 512B - Virtual size: 92B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 784KB

.pdata
Size: 1024B - Virtual size: 696B

.gfids
Size: 512B - Virtual size: 32B

.tls
Size: 512B - Virtual size: 2B

.reloc
Size: 512B - Virtual size: 92B