480aff399092c8800dbf295de23f1103

General

Target

480aff399092c8800dbf295de23f1103
Size

48KB
MD5

480aff399092c8800dbf295de23f1103
SHA1

05fd8d0320ea07f1f3b96510c3704d7b0e064e44
SHA256

8effbea2c3903830a69b3fa87a44d4526fdc77af726d0a3f4b9d17bbf7e532b0
SHA512

a19e2489b5d7111a17ebd555066c958754893a8e09672c352bf85027b923ca8f78c717e03ece66d5a2ce6b177e8323682c9d7cef3e04255615000a8e2ae178d2
SSDEEP

768:3Knop2Qjgd/utvuNji+EQux/iicLQyRww3YhQQTDBUjzctcjLrZb0oUpQtN7v:3D4tMt2RGBpiicsYMOzcESmFv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
480aff399092c8800dbf295de23f1103

Files

480aff399092c8800dbf295de23f1103
.dll windows:2 windows x86 arch:x86

30789e6aafe6471baad5a5c1dba6c987

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
SuspendThread
GetFileAttributesExA
GetCurrentProcess
RtlZeroMemory
HeapFree
MapViewOfFile
lstrcpyA
VirtualQuery
CreateThread
GetModuleHandleA
ConnectNamedPipe
ReadFile
DeleteFileA
GetVersion
HeapReAlloc
CallNamedPipeA
UnmapViewOfFile
GetCurrentProcessId
WaitForMultipleObjects
CreateFileMappingA
SetThreadPriority
SetFilePointer
GetThreadIOPendingFlag
HeapAlloc
OpenThread
ReadFileScatter
CreateFileA

cscdpres

DragQueryFile
SdbReadDWORDTag
ShimDumpCache
IsUserAnAdmin
SdbRegisterDatabaseEx
SdbResolveDatabase
ILClone
IsNetDrive
SdbQueryApphelpInformation
ILGetSize
CtfImmCoUninitialize
ImmGenerateMessage
PathCleanupSpec
ImmReSizeIMCC
DAD_ShowDragImage
CtfImmTIMActivate
ImmCreateContext
IsLFNDriveA
SdbTagIDToTagRef
ImmAssociateContextEx
SdbTagToString
ILFree
SdbGetDatabaseVersion
ImmRegisterWordA
PifMgr_GetProperties
ImmGetCompositionWindow
ILIsEqual
CheckEscapesA
ImmGetRegisterWordStyleA
ImmEnumInputContext
ImmGetIMCCSize
ImmGetCandidateWindow
SdbOpenDatabase
CtfAImmActivate

Exports

Exports

CreateProcessNotify
debuunas

Sections

.text
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30789e6aafe6471baad5a5c1dba6c987

Headers

File Characteristics

Imports

kernel32

cscdpres

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 10KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 33KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB