14b595002ddc08dad846be42665bec22

Sharing

Copy URL Twitter E-mail

General

Target

14b595002ddc08dad846be42665bec22
Size

180KB
MD5

14b595002ddc08dad846be42665bec22
SHA1

165c0e33822cfb6818d1f439041f84390c7461a6
SHA256

46a7b5b4c27d147d7f060f49b6f9a069582f082e95a34268fb2b985699d7cac8
SHA512

08d46bb0fa31be91af44f6a53e78e3efa04245f4c4ae0387ebcf14750948d7f1e7f06a14e6f888488d6781a837bd3b633043d8b3866d09c758ccd3572a5609f0
SSDEEP

3072:vrETs29Nghei+bwnJzotptDxcIrtJ38vjd9P0sjDIUNOV1CjjEb8wv6qanx:4TsGghibwnJwptDxcI4vz0oIUN61CjOa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b595002ddc08dad846be42665bec22

Files

14b595002ddc08dad846be42665bec22
.dll windows:4 windows x86 arch:x86

c168e9f8c2b0e94d55ea04611b53fed3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
CreateFileA
lstrcmpiA
GetPrivateProfileStringA
SetFileAttributesA
GetPrivateProfileIntA
RemoveDirectoryA
lstrcatA
CreateFileMappingA
GetFileSize
OpenFile
InterlockedIncrement
InterlockedDecrement
FreeLibrary
LoadLibraryA
IsBadReadPtr
WideCharToMultiByte
UnmapViewOfFile
CloseHandle
lstrlenA
FreeEnvironmentStringsA
GetOEMCP
RtlUnwind
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
lstrcpyA
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
HeapReAlloc
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualAlloc
SetUnhandledExceptionFilter
IsBadWritePtr
IsBadCodePtr
HeapSize
FlushFileBuffers
SetStdHandle
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW

user32

SendMessageA
IsWindow
MessageBoxA

Exports

Exports

CreateSetupPlugins

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c168e9f8c2b0e94d55ea04611b53fed3

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 79KB - Virtual size: 84KB

.idata Size: 58KB - Virtual size: 58KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 79KB - Virtual size: 84KB

.idata
Size: 58KB - Virtual size: 58KB

.reloc
Size: 9KB - Virtual size: 9KB