d380ddce15eff3423e98155d8e74260a1caed8551172eb54644e4e9e0b9ede0d

Sharing

Copy URL Twitter E-mail

General

Target

d380ddce15eff3423e98155d8e74260a1caed8551172eb54644e4e9e0b9ede0d
Size

145KB
MD5

8523281dc217d6b4ec763bd967ed4aa2
SHA1

83a12bc4a274a3d19e8b4a09840b1c041b0f4d19
SHA256

d380ddce15eff3423e98155d8e74260a1caed8551172eb54644e4e9e0b9ede0d
SHA512

e24cc50fb481932f665eb79ec4340592d3d8add6dc4be70a05910d2ae0a04388db7f0b8ff7145ae2bb9591a3e9d5fcc9974db5a947799ef1d421e96ea8caed28
SSDEEP

3072:nL1baeCdWiHOEMPkQMkza5Ag0FuLW+iOlqQRZ:nL1eVoCOPOAOFllRZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d380ddce15eff3423e98155d8e74260a1caed8551172eb54644e4e9e0b9ede0d

Files

d380ddce15eff3423e98155d8e74260a1caed8551172eb54644e4e9e0b9ede0d
.dll windows:6 windows x86

b33f85b21f30bda78eb19bc75a1a092c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventW
FindClose
LoadLibraryExW
GetCurrentThreadId
CreateFileW
FlushFileBuffers
WriteFile
InterlockedFlushSList
RtlUnwind
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
FindResourceW
SizeofResource
LockResource
LoadResource
GetProcAddress
GetModuleHandleW
FreeLibrary
FindResourceExW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentProcess
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
OutputDebugStringW
InitializeSListHead
QueryPerformanceCounter
TerminateProcess
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
FindNextFileA
InitializeCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
DecodePointer
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExA
IsDebuggerPresent
SetStdHandle
GetStdHandle
GetACP
GetModuleFileNameA
ExitProcess
GetConsoleMode
GetConsoleCP
SetFilePointerEx
EnterCriticalSection
GetFileType
GetModuleHandleExW
GetStringTypeW
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LCMapStringW
GetCPInfo

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b33f85b21f30bda78eb19bc75a1a092c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 61KB - Virtual size: 61KB

.data Size: 7KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 61KB - Virtual size: 61KB

.data
Size: 7KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 6KB