29c0077d72b4414f52ee94ea129a65da

Sharing

Copy URL

Twitter E-mail

General

Target

29c0077d72b4414f52ee94ea129a65da
Size

112KB
MD5

29c0077d72b4414f52ee94ea129a65da
SHA1

2105b37556d2d5d97b045e957ad64d7c460d4191
SHA256

1a7d09de07051ac4cc1fbccf6f34a21bc756c717df94cce89575a061aa253bab
SHA512

8eccec4cbe179fd1c20056221eb9880ef91a24f207bb74cd3ad98e2a83f21fd101d6a6f9607c93873e2d72f693b60b028654da40f553b011a3070b2e55c7b73d
SSDEEP

3072:z+tc5yfewARRV9L68AMRyhmIoYNqTS/D+RP7OYj/:SmieNJB68tyhONPKYj/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29c0077d72b4414f52ee94ea129a65da

Files

29c0077d72b4414f52ee94ea129a65da
.dll windows:6 windows x86 arch:x86

6f27559be66cd8946edecedae3b58b8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
CloseHandle
CreateThread
GetProcAddress
GetCurrentProcessId
CreateFileW
DecodePointer
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
HeapSize
SetStdHandle
GetStringTypeW
SetFilePointerEx
GetProcessHeap
InterlockedExchange
HeapCreate
VirtualProtect
HeapFree
GetCurrentProcess
InterlockedCompareExchange
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
Sleep
HeapReAlloc
HeapAlloc
HeapDestroy
GetThreadContext
GetModuleHandleW
FlushInstructionCache
SetThreadContext
OpenThread
VirtualFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
WriteConsoleW

user32

IsWindowVisible
EnumWindows
GetWindow
GetWindowThreadProcessId

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f27559be66cd8946edecedae3b58b8c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 4KB