1e4c7bba5dc4fac1ff45dce2f8276a2cf1aae1ec821e370375f798baf6b4af7e

Sharing

Copy URL Twitter E-mail

General

Target

1e4c7bba5dc4fac1ff45dce2f8276a2cf1aae1ec821e370375f798baf6b4af7e
Size

3.2MB
MD5

5169ce642db4b666f3ee580da7f8ca51
SHA1

e552e92fc05e14e8c9e39184f35ede1b0b2985b6
SHA256

1e4c7bba5dc4fac1ff45dce2f8276a2cf1aae1ec821e370375f798baf6b4af7e
SHA512

e15eb3f1ea3b603a140fdc61232c7c4e064c782c866dfcf268bd356b8171b60c88e762fc655155df5473a6fc971fcaeb59b1af14f951f2ce5f88674fbf0cd9af
SSDEEP

98304:XF9Q9jzZ/MCG1iPP6SWjZxj5Mwdd7ajQ:XjQJqSWjfjdD7a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1e4c7bba5dc4fac1ff45dce2f8276a2cf1aae1ec821e370375f798baf6b4af7e

Files

1e4c7bba5dc4fac1ff45dce2f8276a2cf1aae1ec821e370375f798baf6b4af7e
.dll windows:5 windows x86 arch:x86

888f42bdcd9dcea331201bf8a1d51246

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

fgets

kernel32

GetProcessHeap
WaitForSingleObjectEx
EnumSystemLocalesA
DeleteCriticalSection
GetModuleFileNameW
GetModuleFileNameA
LoadLibraryW
GetBinaryTypeA
GetModuleHandleW

ws2_32

WSAGetLastError

rpcrt4

NdrAsyncServerCall

winmm

DefDriverProc

winspool.drv

GetPrinterDriverDirectoryW

gdi32

GetICMProfileA
SetEnhMetaFileBits

ole32

StgOpenPropStg

shlwapi

ChrCmpIA

lz32

LZInit

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.erloc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 492KB - Virtual size: 491KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OIYFEw
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

To4PCm
Size: 780KB - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Lny6jo2
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

888f42bdcd9dcea331201bf8a1d51246

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ws2_32

rpcrt4

winmm

winspool.drv

gdi32

ole32

shlwapi

lz32

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 200KB - Virtual size: 197KB

.erloc Size: 1.4MB - Virtual size: 1.4MB

CODE Size: 492KB - Virtual size: 491KB

OIYFEw Size: 256KB - Virtual size: 255KB

To4PCm Size: 780KB - Virtual size: 776KB

.CRT Size: 12KB - Virtual size: 11KB

Lny6jo2 Size: 4KB - Virtual size: 848B

.reloc Size: 60KB - Virtual size: 59KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 200KB - Virtual size: 197KB

.erloc
Size: 1.4MB - Virtual size: 1.4MB

CODE
Size: 492KB - Virtual size: 491KB

OIYFEw
Size: 256KB - Virtual size: 255KB

To4PCm
Size: 780KB - Virtual size: 776KB

.CRT
Size: 12KB - Virtual size: 11KB

Lny6jo2
Size: 4KB - Virtual size: 848B

.reloc
Size: 60KB - Virtual size: 59KB