0260a1de395cf3ca3b6ef543ba3dea2e3a8c602ce7e20cfb69ca6e39dff42e65

Sharing

Copy URL Twitter E-mail

General

Target

0260a1de395cf3ca3b6ef543ba3dea2e3a8c602ce7e20cfb69ca6e39dff42e65
Size

644KB
MD5

51b84ca4d6452b94dffa961ce67a487a
SHA1

ce34c581b061793424e9aefccb2ed5b86001bfee
SHA256

0260a1de395cf3ca3b6ef543ba3dea2e3a8c602ce7e20cfb69ca6e39dff42e65
SHA512

6d2963e7538d873172c5ff0c3bd0a156ed8d8d78ec9fdfe84ac0503269fc994f08203be2bbb4a2f49e95bd014d2f5ce006fd341542997e10e2afc72b13132cff
SSDEEP

12288:FSYOtYRKhpf3TWHQtPuC7H7fRoDq1WgHLLNLXEJHqfTjAQbv89oPtXOBvYv:IY1gj7fYaHBoHq7jXvwoPNOBwv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0260a1de395cf3ca3b6ef543ba3dea2e3a8c602ce7e20cfb69ca6e39dff42e65

Files

0260a1de395cf3ca3b6ef543ba3dea2e3a8c602ce7e20cfb69ca6e39dff42e65
.dll windows:5 windows x86 arch:x86

9fbff73763e03e602a727ab81dbf4574

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

boundscheck

hw_snprintf_s
hw2_memset_s
hw2_memcpy_s
hw_sprintf_s
rx_memcpy_x
hw_strncpy_s
hw_vsnprintf_s
hw2_memmove_s
hw2_strcpy_s
rx_memset_x
hw_sscanf_s
rx_memmove_x

rxmss

MssLoadLibFile
MssLoadLibFile2

rxruntim

LacSetOutParam
LacRegisterFunction
ValueSet
ValueSetType
LacOpenRemote
RoSetVariant
LacIsValid
RoCreateInstance
RoCreateInstanceEx
LacInvokeSync
ValueCheckType
ValueSetType2
ValueClear
RoClearVariant
ValueLoad
LacCloseRemote
ValueSave
RoCreateInstanceNCT
LacRevokeFunction
ValueInit

rxcoml

RECreateInstance

rxffr

fmttest
fmtdetail
fmtid2ffrid
fmtidmax
fmtrec_s
name2mask
fmttestbit
mask2name
ffrid2fmtid
name2fmtid
fmtrec_a
ffrver

rxsig64

sig64FetchA
sig64FetchF

kernel32

ReadFile
RaiseException
SetFilePointer
GetFileSize
SetEndOfFile
GetSystemInfo
EncodePointer
CreateFileW
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
RtlUnwind
HeapReAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateFileA
MapViewOfFile
UnmapViewOfFile
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
WideCharToMultiByte
LeaveCriticalSection
GetACP
MultiByteToWideChar
GetFileSizeEx
GetLastError
EnterCriticalSection
CreateFileMappingA
CreateFileMappingW
GetModuleFileNameA
GetModuleHandleA
DeleteCriticalSection
CloseHandle
GetFileInformationByHandle
DeleteFileA
HeapFree
HeapAlloc
DecodePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
IsValidCodePage
GetOEMCP
GetCPInfo
SetLastError
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetProcAddress
GetStdHandle
WriteFile
GetModuleFileNameW
HeapSize
Sleep

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

FetchDataFeature
MainClassId
MainClassName
REGetClassObject13
RXGetClassObject
RxGetRemoteConfig

Sections

.text
Size: 453KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fbff73763e03e602a727ab81dbf4574

Headers

DLL Characteristics

File Characteristics

Imports

boundscheck

rxmss

rxruntim

rxcoml

rxffr

rxsig64

kernel32

advapi32

Exports

Exports

Sections

.text Size: 453KB - Virtual size: 452KB

.rdata Size: 94KB - Virtual size: 94KB

.data Size: 39KB - Virtual size: 47KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 55KB - Virtual size: 54KB

.text
Size: 453KB - Virtual size: 452KB

.rdata
Size: 94KB - Virtual size: 94KB

.data
Size: 39KB - Virtual size: 47KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 55KB - Virtual size: 54KB