b16f01ccc980e1627f800c7e9023244b

Sharing

Copy URL Twitter E-mail

General

Target

b16f01ccc980e1627f800c7e9023244b
Size

19KB
MD5

b16f01ccc980e1627f800c7e9023244b
SHA1

95907040facf10b9fd5e1582e94a066aa1c4239c
SHA256

480e4f3f199e9f169e82e12614db89100f4e1680c71e828e7f4044b94adc0439
SHA512

a29bb48efe1ae5702b6e1ba903a209607cac53d23cc241cea00ec0e7fc3f6a5f5641294cd57c9cd00a8bf07fcac65d84a6807a6bd3839b8f83efa6f66d9d4dfb
SSDEEP

384:t4b2drd3JY6xJ7yQkCThPWKarrEOI6pA:t4b2/3JYC9NPWjrEOIEA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b16f01ccc980e1627f800c7e9023244b

Files

b16f01ccc980e1627f800c7e9023244b
.dll windows:6 windows x86 arch:x86

6da0c41624bbb8c1d4aae8eb881b927a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
lstrlenA
LocalFree
GetProcessHeap
HeapAlloc
EnumResourceTypesA
lstrcpyA

mscms

TranslateBitmapBits
GetColorProfileFromHandle
SetColorProfileElement
GetCountColorProfileElements
GetColorProfileElementTag
UnregisterCMMA
GetPS2ColorRenderingIntent
GetPS2ColorSpaceArray

mswsock

rcmd
GetNameByTypeW
GetAddressByNameA

loadperf

LoadPerfCounterTextStringsA
UnloadPerfCounterTextStringsA

oleaut32

VarDateFromI2
VarI2FromBool
VarI4FromDec
VarUI1FromStr
VarDecFromI2
VarBstrFromR8
VarDecFromCy
VarCyAdd
CreateTypeLi

urlmon

CoInternetGetProtocolFlags
GetClassURL
URLOpenBlockingStreamA
MkParseDisplayNameEx

wsnmp32

ord107
ord203
ord102

winspool.drv

ord212
FindNextPrinterChangeNotification
ReadPrinter

rtutils

RouterLogEventStringW
MprSetupProtocolEnum
TraceVprintfExA
RouterLogEventStringA
LogEventA

rpcrt4

RpcNetworkInqProtseqsA
RpcServerRegisterIf
NdrConvert2
UuidCompare

advapi32

GetUserNameA
RegOpenKeyExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExA
RegCloseKey
RegDeleteKeyExA

msvcrt

sprintf
memcpy

Exports

Exports

jodqr

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6da0c41624bbb8c1d4aae8eb881b927a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mscms

mswsock

loadperf

oleaut32

urlmon

wsnmp32

winspool.drv

rtutils

rpcrt4

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B