07e5183db4cf312eb31a799573622c5f5ff5ddf194652af3add8c3f14a0feec7

Sharing

Copy URL Twitter E-mail

General

Target

07e5183db4cf312eb31a799573622c5f5ff5ddf194652af3add8c3f14a0feec7
Size

4.4MB
MD5

8415d2712e3be6670448aa9d738aac64
SHA1

aeeccac0e52b0a4c22080d369b92de5be8aca6cd
SHA256

07e5183db4cf312eb31a799573622c5f5ff5ddf194652af3add8c3f14a0feec7
SHA512

e2b4b1587427758e731da2b8b3a19c823087a87015922efeb6e46dca63b0ecc015bccec18975f8b0bbe0a62b4135435e9aceeb3e56418f7a6904be3478ce71d9
SSDEEP

98304:Fkk41LOutgpjo7x69prmHqJZ16yGQbPj+Ev74SBY0DySDtQzLxyztuFqARA4:ak4ZOs4oxirmHoj3vESBYSozLxyztc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e5183db4cf312eb31a799573622c5f5ff5ddf194652af3add8c3f14a0feec7

Files

07e5183db4cf312eb31a799573622c5f5ff5ddf194652af3add8c3f14a0feec7
.dll windows:5 windows x86 arch:x86

525dad3e7d36de908e5c10a33ee0313d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExA
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MessageBoxA

hid

HidD_GetHidGuid

setupapi

SetupDiDestroyDeviceInfoList

shlwapi

StrStrIA

advapi32

InitializeSecurityDescriptor

winscard

g_rgSCardT1Pci

Exports

Exports

AlphaBlend
DllInitialize
GradientFill
TransparentBlt
cad
vSetDdrawflag

Sections

.text
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.!15
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.*K8
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rP%
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

525dad3e7d36de908e5c10a33ee0313d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

hid

setupapi

shlwapi

advapi32

winscard

Exports

Exports

Sections

.text Size: - Virtual size: 76KB

.rdata Size: - Virtual size: 31KB

.data Size: - Virtual size: 18KB

.!15 Size: - Virtual size: 2.3MB

.*K8 Size: 1024B - Virtual size: 880B

.rP% Size: 4.4MB - Virtual size: 4.4MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 434B

.text
Size: - Virtual size: 76KB

.rdata
Size: - Virtual size: 31KB

.data
Size: - Virtual size: 18KB

.!15
Size: - Virtual size: 2.3MB

.*K8
Size: 1024B - Virtual size: 880B

.rP%
Size: 4.4MB - Virtual size: 4.4MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 434B