defe429bed520f465930ba2886f6492d0f9c6893f115e03414c72f13843061f3

Sharing

Copy URL

Twitter E-mail

General

Target

defe429bed520f465930ba2886f6492d0f9c6893f115e03414c72f13843061f3
Size

1.6MB
MD5

8607cc39f96e0fa313a311c01b0613ec
SHA1

19ee89471695b09013331b6a66bcc10e3aef1cc4
SHA256

defe429bed520f465930ba2886f6492d0f9c6893f115e03414c72f13843061f3
SHA512

be3aea9ed983df319e2b42b980dc2fc6266bb07d49fd294143a04df509706128a2686291ee465323cf912c3cb2cc627fb70a84b5feb342d6e33b1fca0d3f53bb
SSDEEP

24576:RxHYLrUw90P9O29F3mDlo6lFf2gd1vhSb/ODBIM9WleitvGyY8Q/JiPXKz5qZDr:bpwq9j8KK2TDQBIHv7AJiPm8D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
defe429bed520f465930ba2886f6492d0f9c6893f115e03414c72f13843061f3

Files

defe429bed520f465930ba2886f6492d0f9c6893f115e03414c72f13843061f3
.dll windows:5 windows x86 arch:x86

5c1051ff76073b8994e8be2b0f150c6d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

HMENU_UserSize
CoCreateInstance

kernel32

IsProcessorFeaturePresent
DeleteTimerQueueEx
GetVersionExA
SetEvent
GetModuleFileNameA
GetModuleFileNameW
SetStdHandle
GetProcessHeap
OutputDebugStringA

esent

JetGotoBookmark

advapi32

RegCloseKey

oleaut32

SysAllocStringLen
SafeArrayCreate
GetErrorInfo

shlwapi

UrlEscapeW

user32

WindowFromPoint
ShowWindow
UnregisterClassW
GetMessageA

rpcrt4

RpcErrorGetNextRecord

msvcrt

isprint

msvfw32

DrawDibStart

netapi32

NetShareAdd

Exports

Exports

EhoftahalllqheTefnre

Sections

.text
Size: 768KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt0
Size: 780KB - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 896B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c1051ff76073b8994e8be2b0f150c6d

Headers

File Characteristics

Imports

ole32

kernel32

esent

advapi32

oleaut32

shlwapi

user32

rpcrt4

msvcrt

msvfw32

netapi32

Exports

Exports

Sections

.text Size: 768KB - Virtual size: 766KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 36KB - Virtual size: 38KB

.crt0 Size: 780KB - Virtual size: 776KB

.rsrc Size: 4KB - Virtual size: 896B

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 768KB - Virtual size: 766KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 36KB - Virtual size: 38KB

.crt0
Size: 780KB - Virtual size: 776KB

.rsrc
Size: 4KB - Virtual size: 896B

.reloc
Size: 20KB - Virtual size: 19KB