3b33014b71e0d952678cc0588618834f

Sharing

Copy URL Twitter E-mail

General

Target

3b33014b71e0d952678cc0588618834f
Size

120KB
MD5

3b33014b71e0d952678cc0588618834f
SHA1

fa0524d34f9bc9fc351707ce27ed98c9ba40fb06
SHA256

9feb97108351d86097153e964b136c4df995d122165937af29ff53577a7775fd
SHA512

51a392e2899bdb50743fc3d7a2c530ce1b83dfabf2785d2e9150618c12b9fd545762fc778673a19bae3b0e2d966632d6e02159a5409794318e5e85b78d3fe68c
SSDEEP

3072:KkjDFQbx1n5bHxi7CmDLVAn646X0HcY4CMf+EH77TN0:K3HIC9643X+x0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b33014b71e0d952678cc0588618834f

Files

3b33014b71e0d952678cc0588618834f
.dll windows:6 windows x86 arch:x86

1bad0b83a61f9befa9c6192c2145c39f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
FreeLibrary
GetProcAddress
LocalAlloc
LocalFree
VirtualProtect
OpenProcess
InitializeCriticalSection
EnterCriticalSection
Sleep
SizeofResource
FlushFileBuffers
GetSystemTime
CreateEventA
LoadLibraryA
GetModuleHandleA
GetWindowsDirectoryA
CreateFileA
QueryPerformanceCounter
GetVersionExA
GetDateFormatA
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
DecodePointer
WriteConsoleW
CloseHandle
CreateFileW

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bad0b83a61f9befa9c6192c2145c39f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 81KB - Virtual size: 80KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 36KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 81KB - Virtual size: 80KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 36KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB