032e8fced2fbed146c30a47d4989804b

General

Target

032e8fced2fbed146c30a47d4989804b
Size

23KB
MD5

032e8fced2fbed146c30a47d4989804b
SHA1

e50d6616f24459d32d0c3d14ce3a84b4c8a87758
SHA256

8f7684eed8707df29772df1285232df84d2e9be814aced65f3f02c7770632988
SHA512

b4bb303763620638afb128c346d39b610263418c2f818742483ff5b58412d3a0f5c6e1b6550988733271c6187663c1677167e87b8191802f6d72c7f02049f2fa
SSDEEP

384:Mu9l+WYg9NBGLJqFazq8yIG2WYEI6MyT2Muw+y4445D3Z1zu3fmrE2i8WQQW:MG3ByPAIVZOuwH4H5D3q3fmrcG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
032e8fced2fbed146c30a47d4989804b

Files

032e8fced2fbed146c30a47d4989804b
.dll windows:5 windows x86 arch:x86

5ccf967452226a8bd8a13bc619695375

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitThread
lstrcmpW
DuplicateHandle
SetStdHandle
CompareStringW
GetCurrentProcessId
HeapSize
InterlockedIncrement
RemoveDirectoryW
HeapAlloc
GetTickCount
GetModuleHandleA
SetCurrentDirectoryA
DeleteFileA
GetSystemTimeAsFileTime
GetEnvironmentVariableW
SetConsoleCP
CreateThread
GetProcessHeap
GlobalAlloc
HeapReAlloc
GetStringTypeW
FreeEnvironmentStringsW
GetStartupInfoA
ExitProcess
lstrlenW
GetACP
GetCommandLineA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualProtect
MulDiv
QueryPerformanceCounter
LoadLibraryA
SystemTimeToFileTime
Sleep
FindResourceW
GetOEMCP
GetCurrentThreadId
CloseHandle

user32

GetDlgCtrlID
EnumThreadWindows
LoadImageW
SetWindowPos
SetActiveWindow
ClientToScreen
MessageBoxA
GetClassInfoExW

msvcrt

memset
_CxxThrowException
_wcsicmp

gdi32

SetBkMode
GetStockObject
CreateCompatibleBitmap
ExtTextOutW

ole32

StgSetTimes
CoUninitialize

Exports

Exports

_IWMPEvents@0

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ccf967452226a8bd8a13bc619695375

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

gdi32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 7KB

.data Size: 14KB - Virtual size: 36KB

.rsrc Size: 1024B - Virtual size: 868B

.reloc Size: 512B - Virtual size: 24B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 7KB

.data
Size: 14KB - Virtual size: 36KB

.rsrc
Size: 1024B - Virtual size: 868B

.reloc
Size: 512B - Virtual size: 24B