07e2c7654963c03a9245133f4ea21b6efcf0ab69c9ca418e3bae76d8ee38d03f

Sharing

Copy URL

Twitter E-mail

General

Target

07e2c7654963c03a9245133f4ea21b6efcf0ab69c9ca418e3bae76d8ee38d03f
Size

387KB
MD5

f59e8186e1ad1b00424437a914f16740
SHA1

6c59636f0af2905936e43e1138e9138093c31ca5
SHA256

07e2c7654963c03a9245133f4ea21b6efcf0ab69c9ca418e3bae76d8ee38d03f
SHA512

57bbb175b20c1c936e567705301888ed273192a28dfd2b861bbd46664500271e9ff709f909028d79ed794957b8f64d85f9f782ca83af29a04d373c3107903d0d
SSDEEP

6144:foTIbK+eoTWsTCigF/v8h292UwoI6kgk4+jtcb5p9YUTBE5+sjs0DvMIvTpx:5bK+TWWh2VIL7a5p9YUTVkbP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07e2c7654963c03a9245133f4ea21b6efcf0ab69c9ca418e3bae76d8ee38d03f

Files

07e2c7654963c03a9245133f4ea21b6efcf0ab69c9ca418e3bae76d8ee38d03f
.dll windows:5 windows x64 arch:x64

13514e7571041bbd6180c25a90824c56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
lstrcpyA
ExitProcess
CreateFileA
GetCurrentProcess
GetTickCount
GetCommandLineA
ReadProcessMemory
GetFileAttributesA
CreateProcessA
TerminateProcess
MultiByteToWideChar
GetLastError
GetLongPathNameA
CopyFileA
GetLocalTime
DeviceIoControl
VirtualProtect
CloseHandle
GetCurrentProcessId
WriteProcessMemory
DeleteFileA
CreateThread
GetFileSize
ReadFile
CreateDirectoryA
SetLastError
LoadLibraryA
GetCurrentThreadId
GetTickCount64
GetComputerNameA
SetFilePointer
HeapAlloc
HeapFree
GetProcessHeap
WriteFile
OpenProcess
WideCharToMultiByte
GetModuleFileNameW
VirtualAlloc
GlobalMemoryStatusEx
GetModuleFileNameA
OutputDebugStringA
GetModuleHandleA
GetVersionExA
WaitForSingleObject
SetEvent
CreateEventA
ExitThread
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetWindowsDirectoryA
GetTempPathA
QueryPerformanceCounter
OpenMutexA
SetEndOfFile
GetSystemInfo
GetProcAddress
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
GetStartupInfoA
GetFileType
SetHandleCount
GetConsoleMode
GetConsoleCP
HeapSize
LCMapStringW
LCMapStringA
HeapDestroy
HeapCreate
HeapSetInformation
GetStdHandle
GetModuleHandleW
FlsAlloc
FlsFree
FlsGetValue
DecodePointer
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
MoveFileA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetSystemTimeAsFileTime
FlsSetValue
RaiseException
RtlPcToFileHeader
RtlUnwindEx

advapi32

RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA

ws2_32

shutdown
recv
closesocket
send
htons
gethostbyname
sendto
socket
WSAStartup
inet_addr
WSAGetLastError
WSASetLastError
connect

psapi

GetProcessImageFileNameW

shlwapi

PathFileExistsA

wininet

DeleteUrlCacheEntryA
DeleteUrlCacheEntry

urlmon

URLDownloadToFileA

netapi32

Netbios

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rtext
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

13514e7571041bbd6180c25a90824c56

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

psapi

shlwapi

wininet

urlmon

netapi32

Sections

.text Size: 226KB - Virtual size: 225KB

.rdata Size: 80KB - Virtual size: 80KB

.data Size: 49KB - Virtual size: 59KB

.pdata Size: 14KB - Virtual size: 14KB

.rtext Size: 16KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 226KB - Virtual size: 225KB

.rdata
Size: 80KB - Virtual size: 80KB

.data
Size: 49KB - Virtual size: 59KB

.pdata
Size: 14KB - Virtual size: 14KB

.rtext
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 7KB