f87a749e97c7a8c63406321aa604498f

Sharing

Copy URL Twitter E-mail

General

Target

f87a749e97c7a8c63406321aa604498f
Size

11KB
MD5

f87a749e97c7a8c63406321aa604498f
SHA1

5da6a31742558d3f5e9ccde10304012230d2e0a7
SHA256

c54a7f4a32e9f6d19dbd80a7a52ea54f689956ee25e42bb6a168dc0ca3dd5946
SHA512

73fad4c4f9fb08a2a6ecc82695f18266600ad954ac50056c0db83c2dd3c5171c64e33bcced26ba06c9994c172d7c4c6fd979cd9d795e107f0bc28baa3becc97b
SSDEEP

192:8B9KKb8qerO5w87FP2c0L/N8uogIxgQWAoYWA/:cKKb8qey5w4IKgISQWAoYWA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f87a749e97c7a8c63406321aa604498f

Files

f87a749e97c7a8c63406321aa604498f
.dll windows:6 windows x86 arch:x86

6cc015b76aef262e4ac75668de2a98f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memcpy
memset
_except_handler4_common
_strlwr
_XcptFilter
malloc
free
_initterm
_amsg_exit

ntdll

NtCreateFile
RtlInitUnicodeString
NtDeviceIoControlFile

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-interlocked-l1-1-0

InterlockedExchange
InterlockedCompareExchange

api-ms-win-core-libraryloader-l1-1-0

FreeLibrary
DisableThreadLibraryCalls
LoadLibraryExA
GetProcAddress
LoadLibraryExW

api-ms-win-core-localregistry-l1-1-0

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

api-ms-win-core-misc-l1-1-0

LocalFree
LocalAlloc
Sleep

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetCurrentThreadId

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-core-synch-l1-1-0

CreateEventW
WaitForSingleObject

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

AcsHlpNbConnection
WSAttemptAutodialAddr
WSAttemptAutodialName
WSNoteSuccessfulHostentLookup

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cc015b76aef262e4ac75668de2a98f7

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

ntdll

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-libraryloader-l1-1-0

api-ms-win-core-localregistry-l1-1-0

api-ms-win-core-misc-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-delayload-l1-1-0

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 944B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 348B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 944B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 348B