18560d526a5134a7674aeacb02c1ca7f

Sharing

Copy URL

Twitter E-mail

General

Target

18560d526a5134a7674aeacb02c1ca7f
Size

1.0MB
MD5

18560d526a5134a7674aeacb02c1ca7f
SHA1

f150b2068c282d8fafd02b15fec005fa89cd28b3
SHA256

8f604242dfb785e324e8207b35f8ce7261436f79cd8b19659a2f194333f31d6f
SHA512

319cbd6f8f2d75d87a7b2b801f1debe559b7d62b713072e454a1b59ee6f5afa041c3ee45c23bfc0b54f205b76f23878f5b5c8b99a193c76464e383c7120ee834
SSDEEP

24576:OtLNXJb227NHokpLKVtVvEMkOgPSFrHEjX7hWHQ/uYT/jISlzfmXbC1DCU:0LNXhlFBpL+vEMCPQDWX7hWHQ/ue/jIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18560d526a5134a7674aeacb02c1ca7f

Files

18560d526a5134a7674aeacb02c1ca7f
.dll windows:6 windows x86 arch:x86

05bdeca99830b5a5582d11862e907d91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
OpenMutexW
LocalFree
GetCurrentDirectoryW
LoadLibraryW
CreateEventW
GetSystemDirectoryW
LocalAlloc
GetEnvironmentVariableW
RemoveDirectoryW
GetCurrentProcess
VirtualProtect
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
GetStringTypeW
LCMapStringW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
FreeLibrary
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
HeapFree
CloseHandle
HeapAlloc
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
CreateFileW
HeapSize
SetEndOfFile

clusapi

GetClusterNetInterface
SetClusterName
SetClusterGroupNodeList
GetClusterNetInterfaceState
GetClusterNotify
GetClusterFromResource
GetClusterGroupState
OnlineClusterResource
OfflineClusterResource
OfflineClusterGroup
GetClusterFromNetwork
RemoveClusterResourceNode
GetNodeClusterState
RestoreClusterDatabase
GetClusterInformation
GetClusterResourceTypeKey
RemoveClusterResourceDependency
OpenCluster
GetClusterResourceNetworkName
GetClusterNetworkId
GetClusterKey
GetClusterNodeState
PauseClusterNode
OpenClusterNetInterface
GetClusterNodeKey
GetClusterNodeId
GetClusterNetworkKey
GetClusterGroupKey
SetClusterNetworkName
OnlineClusterGroup
SetClusterNetworkPriorityOrder
OpenClusterGroup
ResumeClusterNode
RegisterClusterNotify
GetClusterResourceState
MoveClusterGroup
OpenClusterNetwork
SetClusterServiceAccountPassword
SetClusterQuorumResource
OpenClusterResource
GetClusterNetInterfaceKey
GetClusterFromNode
OpenClusterNode
GetClusterQuorumResource
GetClusterResourceKey
SetClusterResourceName
SetClusterGroupName
GetClusterNetworkState

Exports

Exports

Circle
ExactHunt
Experiencefew
Hitcoat
Ironchild
Resultpaint

Sections

.text
Size: 448KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 597KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 614KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05bdeca99830b5a5582d11862e907d91

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

clusapi

Exports

Exports

Sections

.text Size: 448KB - Virtual size: 448KB

.rdata Size: 597KB - Virtual size: 596KB

.data Size: 3KB - Virtual size: 614KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 448KB - Virtual size: 448KB

.rdata
Size: 597KB - Virtual size: 596KB

.data
Size: 3KB - Virtual size: 614KB

.reloc
Size: 7KB - Virtual size: 7KB