120dc5e0a0ada672bcda67707b3d6c1e

General

Target

120dc5e0a0ada672bcda67707b3d6c1e
Size

35KB
MD5

120dc5e0a0ada672bcda67707b3d6c1e
SHA1

004b2372075a9177c3a9526b1e68b822c40d64af
SHA256

49149c6bd0e5f99bbac4af3c8fcbb203db5ff698b70e8b4328260f102ea174c8
SHA512

7643c2a4a619a1ec02383badaeb9e7d60f3ed24ab609ac9faa3f40ec1032d5452533afbd93527a82e6d6a52548c1d836a7b677e094ff25c83f0ccc1c7199fdaf
SSDEEP

384:1y6jVp/NAPQ32fDZHIDhAoyTlXkaAdWbG9TCJJPxraLhe+pGaI6y4QbzsQ0ntvNk:1y6jVp2FNCyXkaDwcwLzGaf3ptq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
120dc5e0a0ada672bcda67707b3d6c1e

Files

120dc5e0a0ada672bcda67707b3d6c1e
.dll windows:4 windows x86 arch:x86

300c616e14d87cba8634fe1583cf1687

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LoadLibraryA
OpenFile
lstrcmpiA
GetPrivateProfileStringA
lstrcpyA
GetModuleFileNameA
VirtualFree
FreeLibrary
VirtualAlloc
GetDiskFreeSpaceA
GetWindowsDirectoryA
GlobalMemoryStatus
GetPrivateProfileIntA
GetVersion
GetTickCount
ResetEvent
WaitForSingleObject
CreateEventA
WriteProfileStringA
_lwrite
_lclose
lstrcatA
GetProfileIntA
GetProfileStringA
CloseHandle
GetCurrentThreadId
TlsSetValue
GetLastError
WriteFile
GetFileType
CreateFileA
GetCommandLineA
GetModuleHandleA
LeaveCriticalSection
GetProcAddress
InitializeCriticalSection
SetStdHandle
SetHandleCount
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
SetEndOfFile
ReadFile
ExitProcess
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsW
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
HeapCreate
HeapDestroy
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
FlushFileBuffers
HeapAlloc
HeapFree

user32

wsprintfA

Exports

Exports

Initiator
vGetInterfaceInfo
vInitialize
vOpenSCSI

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1021B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

300c616e14d87cba8634fe1583cf1687

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 1024B - Virtual size: 1021B

.data Size: 10KB - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 1024B - Virtual size: 1021B

.data
Size: 10KB - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB