6e5cc55891674a81bdbc352d752430f24008a2f3726ed81abb7864535726bb6e

Sharing

Copy URL

Twitter E-mail

General

Target

6e5cc55891674a81bdbc352d752430f24008a2f3726ed81abb7864535726bb6e
Size

11.3MB
MD5

ba57a47aff8fce4a4944ced3ace36527
SHA1

4e48e19475e5e9b92fa6cdb1603571832c4dac94
SHA256

6e5cc55891674a81bdbc352d752430f24008a2f3726ed81abb7864535726bb6e
SHA512

5ea876ce034866542d1d1e9cd6f4d95a57dd15a04cee6c19096665fbff53231d4c68795d3613b3eca9d70790064529a045c73a1bf5dc45080f6a7962d2de5d1e
SSDEEP

196608:3cbTpLNYv74z9m6L1wjQbGGguN1yAuqNcX83O+VrZqs6E2lqraQyQ3qqxFETD:3c3kvg1WFG3cqNcX831Fr2ma5SHKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e5cc55891674a81bdbc352d752430f24008a2f3726ed81abb7864535726bb6e

Files

6e5cc55891674a81bdbc352d752430f24008a2f3726ed81abb7864535726bb6e
.dll windows:6 windows x86 arch:x86

2455f968dace837e523bfac4d597af87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

wsprintfW
CharUpperBuffW

shlwapi

StrCmpIW

Exports

Exports

AlphaBlend
DllInitialize
GradientFill
TransparentBlt
vSetDdrawflag

Sections

.text
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.detourc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.detourd
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uF:
Size: - Virtual size: 9.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.!z\
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.:$8
Size: 11.0MB - Virtual size: 11.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2455f968dace837e523bfac4d597af87

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: - Virtual size: 47KB

.rdata Size: - Virtual size: 24KB

.data Size: - Virtual size: 4KB

.detourc Size: - Virtual size: 4KB

.detourd Size: - Virtual size: 12B

.uF: Size: - Virtual size: 9.4MB

.!z\ Size: 1KB - Virtual size: 1KB

.:$8 Size: 11.0MB - Virtual size: 11.0MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 301KB - Virtual size: 301KB

.text
Size: - Virtual size: 47KB

.rdata
Size: - Virtual size: 24KB

.data
Size: - Virtual size: 4KB

.detourc
Size: - Virtual size: 4KB

.detourd
Size: - Virtual size: 12B

.uF:
Size: - Virtual size: 9.4MB

.!z\
Size: 1KB - Virtual size: 1KB

.:$8
Size: 11.0MB - Virtual size: 11.0MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 301KB - Virtual size: 301KB