e5c372700fb46104f0c456f7ddad89475eb1eecac2f7d9849ceabd431249dea0

Sharing

Copy URL Twitter E-mail

General

Target

e5c372700fb46104f0c456f7ddad89475eb1eecac2f7d9849ceabd431249dea0
Size

2.1MB
MD5

816c2621a2c1f6478f41bbc0c9c01780
SHA1

ed1263567f0b28109776a58f0e878dfaa28dbd4d
SHA256

e5c372700fb46104f0c456f7ddad89475eb1eecac2f7d9849ceabd431249dea0
SHA512

dd8704ddf76edabc17209e04a127d950ef986a220c23a61cf5fc84a6666e9ac265b508090cb80074c4897d22197ef5aaa4f082f961ed2555d2a8e21ae184951c
SSDEEP

49152:3Pe64QPWXkoWrcd8YruCJfdEtH95PlOYSm/0VLDm3t://4QiHBruPHX9hSHG3t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5c372700fb46104f0c456f7ddad89475eb1eecac2f7d9849ceabd431249dea0

Files

e5c372700fb46104f0c456f7ddad89475eb1eecac2f7d9849ceabd431249dea0
.dll windows:5 windows x86 arch:x86

59be2f97853e1d60d777740f0fb4a2e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

ExcludeClipRect
LPtoDP
WidenPath
ArcTo
PlayMetaFileRecord
SetRectRgn
GetDeviceCaps

rpcrt4

RpcServerRegisterIf2

kernel32

LoadLibraryW
DeleteCriticalSection
CreateEventA
WaitForSingleObjectEx
SetStdHandle
QueryPerformanceCounter
SetSystemTime
GetModuleFileNameA
GetBinaryTypeA
GetStringTypeW
DebugBreak
GetConsoleDisplayMode
GetCommModemStatus
LoadLibraryExA

msvcrt

memset

shlwapi

StrCpyNW

ole32

CoGetCallerTID

ws2_32

WSAGetLastError

setupapi

SetupDiEnumDeviceInfo

user32

InvalidateRgn
LookupIconIdFromDirectory
GetGUIThreadInfo
GetScrollBarInfo
SetCaretPos
DestroyIcon
SetScrollPos
DrawStateA
ShowWindow
GetMenuItemCount

oleaut32

GetRecordInfoFromGuids
SafeArrayCreate

Sections

Lny6jo2
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yvQ
Size: 988KB - Virtual size: 986KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

c83H3w4t
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59be2f97853e1d60d777740f0fb4a2e2

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

rpcrt4

kernel32

msvcrt

shlwapi

ole32

ws2_32

setupapi

user32

oleaut32

Sections

Lny6jo2 Size: 12KB - Virtual size: 10KB

.rdata Size: 364KB - Virtual size: 363KB

.data Size: 88KB - Virtual size: 88KB

yvQ Size: 988KB - Virtual size: 986KB

c83H3w4t Size: 696KB - Virtual size: 695KB

.rsrc Size: 4KB - Virtual size: 912B

.reloc Size: 40KB - Virtual size: 38KB

Lny6jo2
Size: 12KB - Virtual size: 10KB

.rdata
Size: 364KB - Virtual size: 363KB

.data
Size: 88KB - Virtual size: 88KB

yvQ
Size: 988KB - Virtual size: 986KB

c83H3w4t
Size: 696KB - Virtual size: 695KB

.rsrc
Size: 4KB - Virtual size: 912B

.reloc
Size: 40KB - Virtual size: 38KB