13b437eb17cee1fdbdba43b9e208a625

General

Target

13b437eb17cee1fdbdba43b9e208a625
Size

208KB
MD5

13b437eb17cee1fdbdba43b9e208a625
SHA1

a3eb85423464adc310a6b6f7fb7fe737e7a11b3a
SHA256

4c6bc2313ae5a23e745f5c05337f9b7902862417755c91c92d6a3ee85b0872a4
SHA512

89dbce5d37a1f684d0a95c52b6b96122c23bd519555061ab92512ee719c0fc95792ea9b6652f39b8fd875a7b39fd177b491871a6dfcdda5ead7bdf7728be5cb7
SSDEEP

6144:UasJVBxXLhE6TBSdAOW8qE8+YRBVSnUOHB:AJFPT4dCtBVSnUOH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13b437eb17cee1fdbdba43b9e208a625

Files

13b437eb17cee1fdbdba43b9e208a625
.dll windows:4 windows x86 arch:x86

74ec057b2b5a4edf82bef80d36a1458c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hpltkrn14nu

ord191
ord167
ord188
ord125
ord141
ord283
ord137
ord129
ord100
ord134
ord116
ord282
ord126
ord189
ord190
ord192
ord313

kernel32

MulDiv
FreeLibrary
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
InterlockedExchange
SetLastError
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
InterlockedCompareExchange
Sleep

msvcr80

pow
strtod
strlen
_gmtime64
_except_handler4_common
??3@YAXPAX@Z
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
fabs
strcpy
malloc
memcpy
_CxxThrowException
strncpy
_time64
memcmp
__CxxFrameHandler3
memset
wcscpy
free

Exports

Exports

DllMain
fltComment
fltInfo
fltLoad
fltSave

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74ec057b2b5a4edf82bef80d36a1458c

Headers

File Characteristics

Imports

hpltkrn14nu

kernel32

msvcr80

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 104KB - Virtual size: 100KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 104KB - Virtual size: 100KB

.reloc
Size: 4KB - Virtual size: 3KB