21281ef87099c26b8f02ca03026926b9

General

Target

21281ef87099c26b8f02ca03026926b9
Size

79KB
MD5

21281ef87099c26b8f02ca03026926b9
SHA1

eff6c6c81eaa3a6927e8ba046c1c4e500690b9a7
SHA256

5aa34b55eefbf0c758c15f0b8ba7a00dcfba17646a5f04ad8cad359668c7de5c
SHA512

ff12e1c48acbd20087f3a86da26e7f74f33d348e69f8b1156713bef72065b512e7528cca6067316422ffccf1142125094860d3ac06d52e661677f7e3a04834df
SSDEEP

1536:v0jESRYZl6AGLhMEMDaCCMXEmw/naPK5/S7jcK:v0ASRYZlGdzMCMXEm4wcK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21281ef87099c26b8f02ca03026926b9

Files

21281ef87099c26b8f02ca03026926b9
.dll windows:4 windows x86 arch:x86

350ac54bea1b667d79e80882e54fed0e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GlobalUnlock
GlobalLock
GetModuleHandleA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetOEMCP
GetACP
GetCPInfo
GetModuleFileNameA
GetStartupInfoA
GetStdHandle
GetFileType
SetHandleCount
VirtualFree
HeapCreate
HeapDestroy
LoadLibraryA
VirtualAlloc
HeapAlloc
HeapFree
WriteFile
WideCharToMultiByte
GetEnvironmentStringsW
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
lstrcpyA
GetProcAddress
GetVersion
ExitProcess

ltkrn13n

ord188
ord274
ord271
ord285
ord272
ord134
ord163
ord282
ord283
ord189
ord191
ord190
ord273

pcdlib32

ord5
ord7
ord3
ord2
ord61
ord28
ord29
ord27
ord79
ord6

Exports

Exports

DllMain
fltEnumDimensions
fltGetDimension
fltGetRes
fltInfo
fltLoad
fltSave

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 794B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

350ac54bea1b667d79e80882e54fed0e

Headers

File Characteristics

Imports

kernel32

ltkrn13n

pcdlib32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 3KB

.idata Size: 61KB - Virtual size: 61KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 794B

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 3KB

.idata
Size: 61KB - Virtual size: 61KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 794B