34f2d3c54de5f759eef4c0e3e9aeec0c

General

Target

34f2d3c54de5f759eef4c0e3e9aeec0c
Size

388KB
MD5

34f2d3c54de5f759eef4c0e3e9aeec0c
SHA1

0d65eb1e0aec44f3a3f6cea6142ed2857d03c1b0
SHA256

45fcc4bde47953902226bddcaa61491ed1d59f893488d2bb9920849d16a170cd
SHA512

51a647f60995686d1ebfe8a93a0ad072d06751211fdbd72b4ef084f1c21f88696e59d738e27b64482cf2cbe910a8eb488dfe11272168514b0c3f3092b474342a
SSDEEP

6144:0AoV+ufQ+pN7fbbohrZCfcIU/VOqUlnXw4ahmVJYolYaJ9lXzngeMgra8ef+wctc:01hfbHbXjqOCLpcfJ9JfeGwSaj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34f2d3c54de5f759eef4c0e3e9aeec0c

Files

34f2d3c54de5f759eef4c0e3e9aeec0c
.dll windows:4 windows x86 arch:x86

b57d13133806303ddbf23debff061b47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
ImpersonateAnonymousToken

ole32

CoTaskMemFree
StringFromCLSID

kernel32

lstrlenW
WideCharToMultiByte
WaitForSingleObject
CloseHandle
CreateFileA
CreateProcessA
DeleteCriticalSection
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetLongPathNameA
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessPriorityBoost
GetShortPathNameA
GetStartupInfoA
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalUnWire
HeapReAlloc
InitializeCriticalSection
InterlockedExchange
LoadLibraryA
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
VirtualAlloc

Exports

Exports

ConvertU2TrusteeToSid
GetBuffer3i
GetDouble
GetPCDResolution
PreprocessShaderFromResourceA
ValueFree

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b57d13133806303ddbf23debff061b47

Headers

File Characteristics

Imports

advapi32

ole32

kernel32

Exports

Exports

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 195KB - Virtual size: 194KB

.data Size: 69KB - Virtual size: 69KB

.rsrc Size: 49KB - Virtual size: 48KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 195KB - Virtual size: 194KB

.data
Size: 69KB - Virtual size: 69KB

.rsrc
Size: 49KB - Virtual size: 48KB

.reloc
Size: 4KB - Virtual size: 3KB