05c8a943c044bedc28b291cbe14275b9

Sharing

Copy URL

Twitter E-mail

General

Target

05c8a943c044bedc28b291cbe14275b9
Size

686KB
MD5

05c8a943c044bedc28b291cbe14275b9
SHA1

02b0fe1d41c0b7521ddda564ebfdc14d8f265dcb
SHA256

6a6f3c36666df12e01f4cd164c23c0f9f2171630176f2ace0a57eff6fdfadaff
SHA512

8981b0cc632097cf5565b2bb573295724579b5ea5d1fa20707d6ac956eeae5f225f08785a5ad50f839dde0b872135d4d566948f74fbd7de750478bd9422fef0a
SSDEEP

12288:4Nluc6M/mgTArpZbUl2aaiy0xS6tPOwK/BmQVEbzN0qoJt:4lmgTAV9I2Nin06wwKUQVEbzuqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05c8a943c044bedc28b291cbe14275b9

Files

05c8a943c044bedc28b291cbe14275b9
.dll windows:6 windows x64 arch:x64

cba95878b0cfe3d304bd78d36df2a8be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExW
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
GetTickCount
CreateThread
ExitProcess
Sleep
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetLastError
CloseHandle
SetEndOfFile
HeapSize
WriteConsoleW
SetStdHandle
GetProcessHeap
ReadFile
GetFileSize
CreateFileW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetCPInfo
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
GetCurrentProcess
TerminateProcess
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
FreeLibrary
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapAlloc
HeapFree
HeapReAlloc
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindClose
RtlUnwind

gdi32

GetMetaFileBitsEx
DeleteObject
GetNearestPaletteIndex
DeleteMetaFile
SetMetaFileBitsEx
CreatePenIndirect

advapi32

SetKernelObjectSecurity
GetKernelObjectSecurity
GetSecurityDescriptorOwner
FileEncryptionStatusW
ControlTraceA
SetServiceObjectSecurity
DeleteService
CreateServiceW
CloseServiceHandle
GetUserNameW
AccessCheck

dbghelp

SymInitialize
SymSetOptions
SymGetOptions
SymCleanup
SymGetFileLineOffsets64
SymSetContext
FindExecutableImageEx

imm32

ImmEnumRegisterWordW
ImmEscapeW

urlmon

RegisterBindStatusCallback
RevokeBindStatusCallback
FindMediaTypeClass
CoInternetIsFeatureEnabledForUrl
CompatFlagsFromClsid
MkParseDisplayNameEx

rpcrt4

MesEncodeFixedBufferHandleCreate
MesDecodeBufferHandleCreate
MesHandleFree

Sections

.text
Size: 551KB - Virtual size: 551KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cba95878b0cfe3d304bd78d36df2a8be

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

dbghelp

imm32

urlmon

rpcrt4

Sections

.text Size: 551KB - Virtual size: 551KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 6KB - Virtual size: 12KB

.pdata Size: 14KB - Virtual size: 14KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 551KB - Virtual size: 551KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 6KB - Virtual size: 12KB

.pdata
Size: 14KB - Virtual size: 14KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 3KB