accd0619d4a388334dbb9db70b4b2ea9

Sharing

Copy URL

Twitter E-mail

General

Target

accd0619d4a388334dbb9db70b4b2ea9
Size

368KB
MD5

accd0619d4a388334dbb9db70b4b2ea9
SHA1

e60d9184b85fa02094552282db4c7cf9f85c59d9
SHA256

23e2fcbf22fd61aee484d6d03e6bb8681ac787e333600ba837b44bfaeda8ca4d
SHA512

2b17239af22ad3d1188757784033c010b1db680c31f53eb7bba4a8a75e35b0543b347fba4e85b1718aa4c8f1739dffd540cfb783ede5367a775343b81b80af43
SSDEEP

6144:PpW5yM4eF6MOl7SfFPFY0Hi1PkZkWM6ge2X4sCC8rJpD9jM:PQ5yB78fFPTHi1Pku6gbIsC3FvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

accd0619d4a388334dbb9db70b4b2ea9

resource
accd0619d4a388334dbb9db70b4b2ea9

Files

accd0619d4a388334dbb9db70b4b2ea9
.dll windows:6 windows x86 arch:x86

2ce4978faea322765569dc03fa2502d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToSystemTime
GetModuleFileNameW
GetTempPathW
VirtualProtectEx
SetConsoleOutputCP
CreateEventW
TlsAlloc
GetWindowsDirectoryW
GetVersion
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
GetLastError
HeapFree
HeapAlloc
EncodePointer
DecodePointer
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcessHeap
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
HeapSize
SetLastError
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
HeapReAlloc
CreateFileW

ole32

OleInitialize
OleSetContainedObject
OleUninitialize

urlmon

CoInternetCombineUrl
CoGetClassObjectFromURL
URLDownloadToFileW
CoInternetCompareUrl
URLOpenStreamW
URLOpenPullStreamW

msimg32

AlphaBlend
TransparentBlt
GradientFill

Exports

Exports

WICConvertBitmapSource

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ce4978faea322765569dc03fa2502d0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

urlmon

msimg32

Exports

Exports

Sections

.text Size: 271KB - Virtual size: 271KB

.rdata Size: 83KB - Virtual size: 83KB

.data Size: 5KB - Virtual size: 63KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 271KB - Virtual size: 271KB

.rdata
Size: 83KB - Virtual size: 83KB

.data
Size: 5KB - Virtual size: 63KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 6KB - Virtual size: 5KB