1aff52ed8cf86c85b5158f37784aa039

Sharing

Copy URL

Twitter E-mail

General

Target

1aff52ed8cf86c85b5158f37784aa039
Size

809KB
MD5

1aff52ed8cf86c85b5158f37784aa039
SHA1

5384459ef409d64908c505d14399f15d5b1d5675
SHA256

5d7856caacdbdb0efdf92b9a3dd38ed47f27e3e486ac93e14f54d76d39eee7db
SHA512

585453454feed1329ca305a1e65c61bebc0f730f18ff34b308658455d7f1f8e958a32c94dd3c7f1279bf41b4a6904519509931cec5409b368f8f96ad8b84245c
SSDEEP

24576:dbPpEI+guSDuSY0p9qmZt+8vC5z9Ry/LswK:dzpV+gbfqmHEm/j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1aff52ed8cf86c85b5158f37784aa039

Files

1aff52ed8cf86c85b5158f37784aa039
.dll windows:5 windows x86 arch:x86

e6d495db7caae6ce6775b2fa2570a1b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
HeapCreate
HeapAlloc
GetStartupInfoA
GetModuleHandleA

user32

GetClientRect
DrawIcon
GetSystemMetrics
LoadIconA
SendMessageA
IsIconic
EnableWindow
GetParent

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA

shell32

SHBrowseForFolderA

wininet

InternetSetCookieA

netapi32

NetApiBufferAllocate
NetApiBufferReallocate

msvcrt

__getmainargs
_acmdln
exit
_exit
_XcptFilter
__CxxFrameHandler
_onexit
_except_handler3
__p__commode
_adjust_fdiv
__dllonexit
__setusermatherr
__set_app_type
_controlfp
_initterm
_setmbcp
__p__fmode

Exports

Exports

antiemu41

Sections

.text
Size: 796KB - Virtual size: 796KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cona
Size: 512B - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.conb
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xedr
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6d495db7caae6ce6775b2fa2570a1b4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

wininet

netapi32

msvcrt

Exports

Exports

Sections

.text Size: 796KB - Virtual size: 796KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1.1MB

.cona Size: 512B - Virtual size: 45B

.conb Size: 512B - Virtual size: 119B

.xedr Size: 3KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 796KB - Virtual size: 796KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1.1MB

.cona
Size: 512B - Virtual size: 45B

.conb
Size: 512B - Virtual size: 119B

.xedr
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 2KB