488363af3779abdc652d9d06467f8126

General

Target

488363af3779abdc652d9d06467f8126
Size

178KB
MD5

488363af3779abdc652d9d06467f8126
SHA1

cc1d71fc8bc0fad2e77cb60bce90eb74b0d455aa
SHA256

3fd8df0037cf71c4f95262ffbf40589cb61454dba35c22943bf5f4877840b6c1
SHA512

bb7b34fc79cd02128f56f2cf4c02d789d857525394ee1481129b9444fda9a7d55ade5a0d28803e4a9fac0151395a5af756c4eab79f98babaee72d3a11028911f
SSDEEP

3072:MXUPg3oNb4SYAjnWIkSsWe+FO5bvEYyc1mPBy5kxBm:MXog3sT5WIqwg5bSqmPB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488363af3779abdc652d9d06467f8126

Files

488363af3779abdc652d9d06467f8126
.dll windows:5 windows x86 arch:x86

367ff124085d7931241dea8aed785c0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
CreateProcessW
DeleteCriticalSection
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetWindowsDirectoryW
CreateFileMappingW
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
LocalFree
MapViewOfFile
QueryPerformanceCounter
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
lstrcpynW
VirtualAlloc
ReadFile
GlobalFree
CloseHandle

advapi32

RegOpenKeyW

msvcrt

_wcsnicmp
wcscpy
_purecall

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fa4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 710B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

367ff124085d7931241dea8aed785c0e

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 168B

.fa4 Size: 2KB - Virtual size: 1KB

.data2 Size: 157KB - Virtual size: 156KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 710B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 168B

.fa4
Size: 2KB - Virtual size: 1KB

.data2
Size: 157KB - Virtual size: 156KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 710B