1e5c3eba5e6f146d60a0fd6a6b1bfe49

Sharing

Copy URL Twitter E-mail

General

Target

1e5c3eba5e6f146d60a0fd6a6b1bfe49
Size

18KB
MD5

1e5c3eba5e6f146d60a0fd6a6b1bfe49
SHA1

73d74090eeed05616a9706a23dc97bcb86362451
SHA256

5b3c8ef4a0a380140024c6c2b139bab51c60c4255e308853326f257dee8a47fc
SHA512

0a8682746c50dc5e3716274b6e0e1f2e9e791c83be478bd57ab531ce34a1d180f0520c084e9eda6d08219a52301ca7e2871fdb761b22be59631896c63a7de11a
SSDEEP

384:ql41mcxTFS6dDMNyI9Xm3a7xC+PFqA3OaKgTDiG8BljFW8iwLWPJp:pmcxT/gF923aMUltT5iBfiw2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e5c3eba5e6f146d60a0fd6a6b1bfe49

Files

1e5c3eba5e6f146d60a0fd6a6b1bfe49
.dll windows:5 windows x86 arch:x86

cc4d2c491d3708a7a26dfecf41194795

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
SetFileTime
GetFileTime
TlsGetValue
_lcreat
lstrcmpiA
GetFullPathNameA
lstrcpyA
_lclose
LocalAlloc
LocalFree
_lopen
_lread
GetLastError
_lwrite
_llseek
DeleteFileA
GetFileSize
FreeLibrary
InterlockedExchangeAdd
GetProcAddress
LoadLibraryW
TlsSetValue
LockResource
LoadResource
SizeofResource
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
LoadLibraryExW
SetErrorMode
IsDBCSLeadByte
lstrlenA
lstrcmpiW
lstrcmpW
lstrcpyW
lstrlenW
CloseHandle
CreateFileW
GetSystemDirectoryW
GetWindowsDirectoryW
MoveFileW
DeleteFileW
GetFileAttributesW
lstrcpynW
WideCharToMultiByte
TlsFree
TlsAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

ntdll

RtlUnicodeStringToAnsiString
RtlAllocateHeap
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
sprintf
NlsMbCodePageTag
RtlFreeAnsiString
RtlInitUnicodeString
RtlxUnicodeStringToAnsiSize
_wcsicmp
wcslen
wcsncpy
wcscpy
RtlUnwind
NtQueryVirtualMemory

odui

vrgwmniicpntg

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueIndexA
VerQueryValueIndexW
VerQueryValueW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc4d2c491d3708a7a26dfecf41194795

Headers

File Characteristics

Imports

kernel32

ntdll

odui

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 512B - Virtual size: 764B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 768B

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 512B - Virtual size: 764B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 768B