tlv[.]exe[.]vir

Sharing

Copy URL Twitter E-mail

General

Target

tlv.exe.vir
Size

1.3MB
MD5

d12ef0825808af828a0a837b9bdda0d7
SHA1

1ddef98c91a28e5cf047c3ef24b1841329ca4664
SHA256

655f98ad601e35270ba63fcbe029e32fe9aeb4e61650f8de9ebe61d52d049361
SHA512

11db20a4c5443fb24107ba8edd43f5a6b536a29707994c6278118c8c50d4691729057877f819cf73f230a8a05b823f315e04573222779425df712e23edafe2db
SSDEEP

24576:4bFq/S6iHkUfkw1d5cNOLmPJ298zkXwiz:AFq/S1kUfkwQ298Udz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
tlv.exe.vir

Files

tlv.exe.vir
.exe windows:4 windows x86 arch:x86

7aabeda7364a497805b90b74ff06f432

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
WriteConsoleW

comctl32

CreateMRUListW

compstui

CommonPropertySheetUIA
SetCPSUIUserData

crypt32

CryptRegisterOIDFunction

gdi32

SetDCBrushColor

netshell

DllCanUnloadNow
DllRegisterServer
DllUnregisterServer
NcIsValidConnectionName

ntdll

RtlCompareString

propsys

VariantToBooleanArrayAlloc
VariantToInt16WithDefault

rpcrt4

NdrTypeFree

userenv

GetUserProfileDirectoryW

version

VerFindFileW

ws2_32

WSALookupServiceNextA

cr

xIPcebbgjdLubXkx

Sections

.text
Size: 680KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.mKnhuX
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FMhbRPW
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.C
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.KDPqLo
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rbdal
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jwlbLhf
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.krhwuSC
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AHZBS
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rRSJ
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PwxrbLh
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Pvr
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VPpM
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.JGpSH
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.luRYnI
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.F
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bsNAF
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TFiRr
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vhWjeW
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QycCbY
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eh_fram
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7aabeda7364a497805b90b74ff06f432

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

compstui

crypt32

gdi32

netshell

ntdll

propsys

rpcrt4

userenv

version

ws2_32

cr

Sections

.text Size: 680KB - Virtual size: 680KB

.mKnhuX Size: 32KB - Virtual size: 32KB

.FMhbRPW Size: 32KB - Virtual size: 32KB

.C Size: 32KB - Virtual size: 32KB

.KDPqLo Size: 32KB - Virtual size: 32KB

.rbdal Size: 32KB - Virtual size: 32KB

.kc Size: 32KB - Virtual size: 32KB

.jwlbLhf Size: 32KB - Virtual size: 32KB

.krhwuSC Size: 32KB - Virtual size: 32KB

.AHZBS Size: 32KB - Virtual size: 32KB

.rRSJ Size: 32KB - Virtual size: 32KB

.PwxrbLh Size: 32KB - Virtual size: 32KB

.Pvr Size: 32KB - Virtual size: 32KB

.VPpM Size: 32KB - Virtual size: 32KB

.JGpSH Size: 32KB - Virtual size: 32KB

.luRYnI Size: 32KB - Virtual size: 32KB

.F Size: 32KB - Virtual size: 32KB

.bsNAF Size: 32KB - Virtual size: 32KB

.TFiRr Size: 32KB - Virtual size: 32KB

.vhWjeW Size: 32KB - Virtual size: 32KB

.QycCbY Size: 32KB - Virtual size: 32KB

.eh_fram Size: 512B - Virtual size: 56B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 24B

.text
Size: 680KB - Virtual size: 680KB

.mKnhuX
Size: 32KB - Virtual size: 32KB

.FMhbRPW
Size: 32KB - Virtual size: 32KB

.C
Size: 32KB - Virtual size: 32KB

.KDPqLo
Size: 32KB - Virtual size: 32KB

.rbdal
Size: 32KB - Virtual size: 32KB

.kc
Size: 32KB - Virtual size: 32KB

.jwlbLhf
Size: 32KB - Virtual size: 32KB

.krhwuSC
Size: 32KB - Virtual size: 32KB

.AHZBS
Size: 32KB - Virtual size: 32KB

.rRSJ
Size: 32KB - Virtual size: 32KB

.PwxrbLh
Size: 32KB - Virtual size: 32KB

.Pvr
Size: 32KB - Virtual size: 32KB

.VPpM
Size: 32KB - Virtual size: 32KB

.JGpSH
Size: 32KB - Virtual size: 32KB

.luRYnI
Size: 32KB - Virtual size: 32KB

.F
Size: 32KB - Virtual size: 32KB

.bsNAF
Size: 32KB - Virtual size: 32KB

.TFiRr
Size: 32KB - Virtual size: 32KB

.vhWjeW
Size: 32KB - Virtual size: 32KB

.QycCbY
Size: 32KB - Virtual size: 32KB

.eh_fram
Size: 512B - Virtual size: 56B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 24B