b5bff61d493f02417d0090ee1b5a68176701f168488168aa73cf3d393a2e2f5d

Sharing

Copy URL Twitter E-mail

General

Target

b5bff61d493f02417d0090ee1b5a68176701f168488168aa73cf3d393a2e2f5d
Size

279KB
MD5

64cb5768e40eaac43be7981cd95bed82
SHA1

f464f7ae0b919b356bf7a79e11690133b83a1066
SHA256

b5bff61d493f02417d0090ee1b5a68176701f168488168aa73cf3d393a2e2f5d
SHA512

d6bed47d91110cc47d4c2f5b8f06f18236693932c99d60abd59fff858c03c64a8351874a324c227fd4188186b3761ab08f8c5cd9a8043a8b7e309f4f516708eb
SSDEEP

6144:26/TkGfS4YhcJMzUTy8YtWMzV8iNBDTl+V1iYwgqSN959PtT+F:1wGfQaOz4yTz8ifDTl+V3fhj5L6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5bff61d493f02417d0090ee1b5a68176701f168488168aa73cf3d393a2e2f5d

Files

b5bff61d493f02417d0090ee1b5a68176701f168488168aa73cf3d393a2e2f5d
.dll windows:6 windows x86 arch:x86

db80f8659fb71e0107bccd6a9346a34b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

EndPaint

advapi32

RegOpenKeyExW

api-ms-win-crt-filesystem-l1-1-0

_lock_file

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-heap-l1-1-0

_callnewh

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn

msvcp140

?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ

comctl32

DrawStatusTextW

api-ms-win-crt-stdio-l1-1-0

_get_stream_buffer_pointers

shell32

SHGetIconOverlayIndexA

vcruntime140

_CxxThrowException

Exports

Exports

CastMovementRay
FindT
FindTo
FindZ
Findroute
GetRandomPoint
GetRandomPointAround
Initalize
LoadMmaps
MoveAlongSurface
_FindPath@16
_Init@20

Sections

Size: - Virtual size: 104KB

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 236B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

db80f8659fb71e0107bccd6a9346a34b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-runtime-l1-1-0

msvcp140

comctl32

api-ms-win-crt-stdio-l1-1-0

shell32

vcruntime140

Exports

Exports

Sections

Size: - Virtual size: 104KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

.rsrc Size: 236B - Virtual size: 236B

Size: 512B - Virtual size: 4KB

Size: 102KB - Virtual size: 104KB

.rsrc
Size: 236B - Virtual size: 236B