064179dd776cd2259382d800daf692d1a5f1a5047c519187e4f6ae3021ccf785

Sharing

Copy URL Twitter E-mail

General

Target

064179dd776cd2259382d800daf692d1a5f1a5047c519187e4f6ae3021ccf785
Size

175KB
MD5

dcc4ba770390f4d3c09675184b2b0a14
SHA1

d3f0ab429040d67d1b61be602c21b934dfa2a054
SHA256

064179dd776cd2259382d800daf692d1a5f1a5047c519187e4f6ae3021ccf785
SHA512

2828afda1b0263b26c87734b29a7f028ccecbb39a9df0cf42d769a53d28fe65bc2622c5ae4837cdcaca9fe3e7ae3d306cb343d17d2cc1e8b10a9ec311899f7f8
SSDEEP

3072:HQn1Tw/j0jbm71GZfXKBRhJQj9cjdYd2DfClFiqzV2mCHMPfG69Ob+JJJ655ZZo9:HChwYK7cfXKjh6Zc2YHjb+JJJ655ZZo9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
064179dd776cd2259382d800daf692d1a5f1a5047c519187e4f6ae3021ccf785

Files

064179dd776cd2259382d800daf692d1a5f1a5047c519187e4f6ae3021ccf785
.dll windows:4 windows x64 arch:x64

9ecab6b71fa70cda7bfd38bb9e53d95c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
Sleep
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_fileno
_initterm
_lock
_setjmp
_setmode
_unlock
_wfopen
abort
calloc
exit
fclose
fflush
fputc
free
fwrite
localeconv
longjmp
malloc
memcpy
memset
realloc
setvbuf
signal
strerror
strlen
strncmp
vfprintf
wcslen

Exports

Exports

DropNote
NimMain

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 512B - Virtual size: 175B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 512B - Virtual size: 221B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 119B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ecab6b71fa70cda7bfd38bb9e53d95c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 98KB - Virtual size: 97KB

.data Size: 512B - Virtual size: 272B

.rdata Size: 10KB - Virtual size: 10KB

/4 Size: 512B - Virtual size: 4B

.pdata Size: 4KB - Virtual size: 4KB

.xdata Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 72KB

.edata Size: 512B - Virtual size: 92B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 136B

/14 Size: 512B - Virtual size: 80B

/29 Size: 4KB - Virtual size: 3KB

/41 Size: 512B - Virtual size: 175B

/55 Size: 512B - Virtual size: 221B

/67 Size: 512B - Virtual size: 119B

.text
Size: 98KB - Virtual size: 97KB

.data
Size: 512B - Virtual size: 272B

.rdata
Size: 10KB - Virtual size: 10KB

/4
Size: 512B - Virtual size: 4B

.pdata
Size: 4KB - Virtual size: 4KB

.xdata
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 72KB

.edata
Size: 512B - Virtual size: 92B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 136B

/14
Size: 512B - Virtual size: 80B

/29
Size: 4KB - Virtual size: 3KB

/41
Size: 512B - Virtual size: 175B

/55
Size: 512B - Virtual size: 221B

/67
Size: 512B - Virtual size: 119B