a8e53467c74885365a058ed7db191d50284b3e983c65bc69287927763d4301a3[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

a8e53467c74885365a058ed7db191d50284b3e983c65bc69287927763d4301a3.dll
Size

2.5MB
MD5

24563d2a7acf612b7f772ac47109071e
SHA1

80721ab7f1d28494997518abb3d8e54f6eda1b74
SHA256

a8e53467c74885365a058ed7db191d50284b3e983c65bc69287927763d4301a3
SHA512

24ca3fff1d43fb24310e9c0af39919c3a672a853d84e7bfd4a4b0480ad33fe1d71740397d77265ad2b3c29b4c58620b13c753cbbf65ef039cf2c81dbc12f1a16
SSDEEP

49152:IAlXAK4m2iWyeRGVt2JNYrWdzzBynspVMZ3mus3/yjRF75jJ55MCsCYJ:IABAK4mWRRGb2JNYuzzByn+M3musEjzo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8e53467c74885365a058ed7db191d50284b3e983c65bc69287927763d4301a3.dll

Files

a8e53467c74885365a058ed7db191d50284b3e983c65bc69287927763d4301a3.dll
.dll windows:5 windows x86 arch:x86

8c243590689fe8446ca0cd95c1f646db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

select

advapi32

AllocateAndInitializeSid

imm32

ImmSetConversionStatus

rpcrt4

RpcErrorStartEnumeration

user32

PostQuitMessage
CreateWindowExA

clusapi

ClusterRegEnumValue

lz32

LZOpenFileA

kernel32

CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CompareStringW
SetEnvironmentVariableA
WideCharToMultiByte
CloseHandle
IsProcessorFeaturePresent
DeleteCriticalSection
GetSystemTimeAsFileTime
GetModuleHandleW
GetModuleFileNameW
GetModuleFileNameA
GetBinaryTypeW
HeapSize
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
MultiByteToWideChar
GetTimeFormatA
GetDateFormatA
CreateFileA
HeapAlloc
GetStdHandle
EnterCriticalSection
LeaveCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
Sleep
ExitProcess
GetLocaleInfoA
VirtualFree
VirtualAlloc
HeapReAlloc
GetTimeZoneInformation
WriteFile
ReadFile
InitializeCriticalSectionAndSpinCount
RtlUnwind
LoadLibraryA
SetFilePointer
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers

oleaut32

SafeArrayCreate
GetRecordInfoFromGuids

setupapi

SetupDiGetClassDevsA
SetupDiBuildDriverInfoList

ole32

OleDoAutoConvert

Exports

Exports

TihEethoueows

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c243590689fe8446ca0cd95c1f646db

Headers

File Characteristics

Imports

ws2_32

advapi32

imm32

rpcrt4

user32

clusapi

lz32

kernel32

oleaut32

setupapi

ole32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 12KB - Virtual size: 8KB

.text Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 16KB - Virtual size: 12KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 12KB - Virtual size: 8KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 16KB - Virtual size: 12KB