0ef9fc7b0f674c5353969e5f65e937be

General

Target

0ef9fc7b0f674c5353969e5f65e937be
Size

8KB
MD5

0ef9fc7b0f674c5353969e5f65e937be
SHA1

b5f3e44d818f9c8ab42e906a870e638649a19fe2
SHA256

e45f8e286265111fe9834d85eeebe025b8a474c298f0ec49ab5b0935cf123ad6
SHA512

3ce70f8e6e979a86cbe2824394b1dffd14d4ed4c8211f082229826bb02f2ac4f8bd8173b8d7eb580aa92be69a2581bb424292b385a20a816eb71b687688e7381
SSDEEP

192:czVDE3q4m2wErAyvTOj2jBK3Xk6AkpbDQWf:cRUqlkky6R06LV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ef9fc7b0f674c5353969e5f65e937be

Files

0ef9fc7b0f674c5353969e5f65e937be
.dll windows:4 windows x86 arch:x86

e91df787c889bede0ea682fadac0d9fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetProcAddress
LoadLibraryA
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
GetSystemTimeAsFileTime

msvcp80

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z

msvcr80

__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
free
_encoded_null
_malloc_crt
_encode_pointer
_beginthread
_endthread
_decode_pointer
_adjust_fdiv
_amsg_exit
_initterm_e
_except_handler4_common
_initterm
__CppXcptFilter
__CxxFrameHandler3
memset

Exports

Exports

pla

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 450B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e91df787c889bede0ea682fadac0d9fa

Headers

File Characteristics

Imports

kernel32

msvcp80

msvcr80

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 868B

.rsrc Size: 512B - Virtual size: 428B

.reloc Size: 512B - Virtual size: 450B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 868B

.rsrc
Size: 512B - Virtual size: 428B

.reloc
Size: 512B - Virtual size: 450B