014bb90a72c228e9fe67a4f01b40a6d7

Sharing

Copy URL

Twitter E-mail

General

Target

014bb90a72c228e9fe67a4f01b40a6d7
Size

103KB
MD5

014bb90a72c228e9fe67a4f01b40a6d7
SHA1

969a8cee890106bad344ec072183f3cced5bdfbb
SHA256

05369d9407e66824307d5ae7f80bd106080bb5377f30e7bbc0a50c88f3da29ee
SHA512

a11f6ba2954c54dab0fae0c5faef7c87cbbb9e78529bcfd8e852bdb317bf8b5346988a0f7d138cf98347fe79628d0fa8d1d8b87a5d10e4069807620a111e2fa7
SSDEEP

1536:X2udHxy+rxHLvN/2O6u1nzcH28AkmcTGx24mx19iUPxRNZ:X9NHUOBnzuycTGx2vx19iUPzNZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
014bb90a72c228e9fe67a4f01b40a6d7

Files

014bb90a72c228e9fe67a4f01b40a6d7
.dll windows:5 windows x86 arch:x86

21eae999161755281947ad8d328190ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetProcAddress
GetModuleHandleA
VirtualAlloc
Sleep
GlobalFree
OutputDebugStringA
GlobalAlloc
GetCommandLineA
SetConsoleCtrlHandler
ReleaseMutex
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
GetLastError
CreateMutexA
GetFileAttributesA
CloseHandle
CreateThread
GetModuleFileNameA
FreeLibrary
DeleteFileA
MoveFileExA
SetFileAttributesA
ReadFile
GetFileSize
CreateFileA
GetVersionExA
WriteFile
SetFilePointer
GetLocalTime
VirtualProtect
VirtualFree
ExitThread
GetCurrentProcess
WaitForSingleObject
CreateRemoteThread
Process32Next
Process32First
CreateToolhelp32Snapshot
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
GetExitCodeProcess
OpenProcess
LoadLibraryExA
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
OpenFileMappingA
WinExec
CopyFileA
GetComputerNameA
SetFileTime
GetFileTime
GetCurrentProcessId
GlobalUnlock
GlobalLock
CreateProcessA
GetStartupInfoA
EncodePointer
DecodePointer
GetModuleHandleW
ExitProcess
GetCurrentThreadId
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
HeapAlloc
RaiseException
HeapFree
HeapSize
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
RtlUnwind
VirtualQuery
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetStdHandle
GetModuleFileNameW
SetHandleCount
GetFileType
GetStartupInfoW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
HeapReAlloc
LCMapStringW
MultiByteToWideChar
GetStringTypeW
SetStdHandle
WriteConsoleW
CreateFileW
FlushFileBuffers

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

21eae999161755281947ad8d328190ab

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 12KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 12KB

.reloc
Size: 6KB - Virtual size: 6KB