2387407133810c3a93fa0bf3eaff0840

Sharing

Copy URL Twitter E-mail

General

Target

2387407133810c3a93fa0bf3eaff0840
Size

2.4MB
MD5

2387407133810c3a93fa0bf3eaff0840
SHA1

e8adf973a751a0765ee808fa6710a2f6ada92ba6
SHA256

01f2795e5162ec15257d06384d00d58ba9ec1dae4ed7126468c19c7b4b2a5fce
SHA512

7d444192306dda007f9ecc2ac88d0692feb7e15289b27dcd224231a05aa924f3e1e909d2b90b8405c243b7d354409ddd2a0f1343a60e9ef733ec6515fef9c257
SSDEEP

49152:nT48L0lvDkR7gVigDH422gwGgvXgqgogNkQgrKg/kgYg4goghOjxgb+GVOjgieEu:nE8L0lbQgEgegFgvgqgogLgWg8gYg4gL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2387407133810c3a93fa0bf3eaff0840

Files

2387407133810c3a93fa0bf3eaff0840
.dll windows:4 windows x86 arch:x86

1e57cb330f37aab6694ace4def51eba5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCreateKeyA
RegQueryValueA

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateProcessA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

___mb_cur_max_func
__dllonexit
__mb_cur_max
_amsg_exit
_beginthreadex
_endthreadex
_errno
_fdopen
_fileno
_fstat64
_initterm
_iob
_lock
_lseeki64
_onexit
_read
_setjmp3
_strdup
_strnicmp
_ultoa
_unlock
_write
abort
atoi
bsearch
calloc
exit
fclose
fflush
fgetc
fopen
fprintf
fputc
fputs
fread
free
gmtime
fseek
ftell
fwrite
getenv
isalnum
isalpha
iscntrl
isdigit
isgraph
islower
isprint
ispunct
isspace
isupper
iswctype
isxdigit
localeconv
localtime
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
rand
realloc
remove
setlocale
setvbuf
sprintf
strchr
strcmp
strcoll
strerror
strftime
strlen
strncmp
strtoul
strxfrm
time
system
tolower
toupper
towlower
towupper
vfprintf
wcscoll
wcsftime
wcslen
wcsxfrm

Exports

Exports

CtuakY
JMKVaLpHZ
OtsmyXgW
SXsQYEGTlyVTbUGOPSrU
cHMuzCfwvmFTzw
dQePvIail

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e57cb330f37aab6694ace4def51eba5

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.data Size: 24KB - Virtual size: 24KB

.rdata Size: 41KB - Virtual size: 41KB

.eh_fram Size: 225KB - Virtual size: 225KB

.bss Size: - Virtual size: 3KB

.edata Size: 512B - Virtual size: 182B

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 8B

.reloc Size: 53KB - Virtual size: 53KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 24KB - Virtual size: 24KB

.rdata
Size: 41KB - Virtual size: 41KB

.eh_fram
Size: 225KB - Virtual size: 225KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 182B

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.reloc
Size: 53KB - Virtual size: 53KB