df2a0f96840690ae6d4c788a1630a5279a9a1342816ecad543074411178111e5

Sharing

Copy URL Twitter E-mail

General

Target

df2a0f96840690ae6d4c788a1630a5279a9a1342816ecad543074411178111e5
Size

119KB
MD5

61bf780d17f1c5bc2820f270b7f4f7a8
SHA1

e3bfa037d02626c8b28068d9a2765af2f072f86f
SHA256

df2a0f96840690ae6d4c788a1630a5279a9a1342816ecad543074411178111e5
SHA512

d5a0f935665dd057342bca155265956b02c9597da7b3c181d72eb3295cefbc782bc2fe0e03f8fd77f178ee8cd2e39020fefa60521cd0a6691f1abc0e1d13de30
SSDEEP

3072:sLC5KQCUoFharUZiA8ZLlgGVnfZ0AgdmBNMrkVjrWT4oX:s+0QCZFCUZiAKLVVnh0p0Mo9Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df2a0f96840690ae6d4c788a1630a5279a9a1342816ecad543074411178111e5

Files

df2a0f96840690ae6d4c788a1630a5279a9a1342816ecad543074411178111e5
.dll windows:5 windows x86 arch:x86

33b6227b24a0c9fd7d0df64e2c4a8037

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
VirtualAlloc
VirtualProtect
GetProcAddress
GetModuleHandleW
DecodePointer
WriteConsoleW
CloseHandle
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
InterlockedFlushSList
SetLastError
EncodePointer
RaiseException
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Exports

Exports

Init

Sections

.text
Size: - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CABAL0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CABAL1
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33b6227b24a0c9fd7d0df64e2c4a8037

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: - Virtual size: 55KB

.rdata Size: - Virtual size: 23KB

.data Size: - Virtual size: 6KB

.gfids Size: - Virtual size: 204B

.tls Size: 512B - Virtual size: 9B

.CABAL0 Size: - Virtual size: 24KB

.CABAL1 Size: 116KB - Virtual size: 116KB

.reloc Size: 512B - Virtual size: 280B

.rsrc Size: 512B - Virtual size: 469B

.text
Size: - Virtual size: 55KB

.rdata
Size: - Virtual size: 23KB

.data
Size: - Virtual size: 6KB

.gfids
Size: - Virtual size: 204B

.tls
Size: 512B - Virtual size: 9B

.CABAL0
Size: - Virtual size: 24KB

.CABAL1
Size: 116KB - Virtual size: 116KB

.reloc
Size: 512B - Virtual size: 280B

.rsrc
Size: 512B - Virtual size: 469B