71d12dc4a8c9ff678260ad8e54ff2b3b

General

Target

71d12dc4a8c9ff678260ad8e54ff2b3b
Size

320KB
MD5

71d12dc4a8c9ff678260ad8e54ff2b3b
SHA1

27fe070eef874ea935bdcf4cc19d88aae60a094c
SHA256

e63983f9cae126ba731f0a63ef25544e860a9041ec0e378e349ffbfba2c54fbb
SHA512

38c3ec784d472df39ceb3d86bd09257a6a0428a95f7697b7c81353794e27e08f13e38640e4d33a1aa432c4154a2fc5d186b584e7f43b4e10987edcc6cc3cdb67
SSDEEP

6144:ZkV6UQYgWP8G5MLuhTy0luoGDG5RU0hPBdSRn/ZoioAAiSoqf5AckPsuMh:ZkEU5UG+LkuBwRUUPBqnhloOSoqBhAsn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d12dc4a8c9ff678260ad8e54ff2b3b

Files

71d12dc4a8c9ff678260ad8e54ff2b3b
.dll windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Exports

Exports

kdfAutoStart
kdfAutoStartClean
kdfAutoStartCleanB
kdfAutoStartCleanD
kdfAutoStartV
kdfCkeckKeylogger
kdfExProtect
kdfGetVersion
kdfSelfCheckIntegrity
kdfSetImageDir
kdfWebBrowserContextMenu
kdfWebBrowserHandleAdd
kdfWebBrowserHandleRemove

Sections

.text
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ok0menwj
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

z5v88o6r
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7breuqg7
Size: 380KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zdqo.95s
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f433e7fcc51e68080022754836705744

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 72KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 660KB

ok0menwj Size: - Virtual size: 12KB

z5v88o6r Size: - Virtual size: 24KB

7breuqg7 Size: 380KB - Virtual size: 384KB

zdqo.95s Size: 4KB - Virtual size: 4KB

.text
Size: - Virtual size: 72KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 660KB

ok0menwj
Size: - Virtual size: 12KB

z5v88o6r
Size: - Virtual size: 24KB

7breuqg7
Size: 380KB - Virtual size: 384KB

zdqo.95s
Size: 4KB - Virtual size: 4KB