88444825890c0e49ba815eb39a431f5b75d89e63682012cdd3f0f036bccb3a60

Sharing

Copy URL Twitter E-mail

General

Target

88444825890c0e49ba815eb39a431f5b75d89e63682012cdd3f0f036bccb3a60
Size

442KB
MD5

45a6e49e19288b51d091c851077a2cb5
SHA1

3f016b26b75dcd6f1a31ef7348b86f9f9779dda8
SHA256

88444825890c0e49ba815eb39a431f5b75d89e63682012cdd3f0f036bccb3a60
SHA512

4abd7322ea42a05e232dbffe6d4876d0eddc3daf18c5caeaf8a212449161039ff1c3622a9dfc3db8099eab5fa5b3e29e4047e79972991e9b0dd78b57d84c65ad
SSDEEP

12288:ro2p120KGzVR5X2OG4+T+l5Yg4Uuzu54JatOc:CR4w+l1Oz44Ja

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88444825890c0e49ba815eb39a431f5b75d89e63682012cdd3f0f036bccb3a60

Files

88444825890c0e49ba815eb39a431f5b75d89e63682012cdd3f0f036bccb3a60
.dll windows:5 windows x86 arch:x86

2d40e18cd7eb7213f369ba030f73df0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

boundscheck

hw_snprintf_s
hw2_memcpy_s
hw2_memset_s

kernel32

IsValidCodePage
LocalFree
RaiseException
InterlockedIncrement
InterlockedDecrement
GetACP
MultiByteToWideChar
WideCharToMultiByte
EncodePointer
DecodePointer
GetLastError
HeapFree
HeapAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualQuery
GetCommandLineA
GetCurrentThreadId
GetStdHandle
WriteFile
GetModuleFileNameW
GetProcessHeap
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CreateFileW
GetOEMCP
GetCPInfo
HeapSize
GetStringTypeW
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapReAlloc
RtlUnwind
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle

oleaut32

SysAllocString
SysStringLen
SysFreeString
VariantInit
VariantClear
VariantChangeType

Exports

Exports

REGetClassObject

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d40e18cd7eb7213f369ba030f73df0d

Headers

DLL Characteristics

File Characteristics

Imports

boundscheck

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 327KB - Virtual size: 327KB

.rdata Size: 53KB - Virtual size: 53KB

.data Size: 18KB - Virtual size: 26KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 39KB - Virtual size: 39KB

.text
Size: 327KB - Virtual size: 327KB

.rdata
Size: 53KB - Virtual size: 53KB

.data
Size: 18KB - Virtual size: 26KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 39KB - Virtual size: 39KB