4239d46d22d7b4c9ab9b29e7f7d27abc

General

Target

4239d46d22d7b4c9ab9b29e7f7d27abc
Size

172KB
MD5

4239d46d22d7b4c9ab9b29e7f7d27abc
SHA1

6ebdbfb0f2acee6c1b0b84dc75c391787f78f719
SHA256

6b0731f45ed2ba2456103d2a7c444327b1d4fcee64dee10b36ab5a0543947373
SHA512

67d4ff3a81f5f39891821d8b99f47bda3fd00c691145dbf0d3155988879b90ca0da0c6e3a26f29ae9e193220413e25eb9d18c34230739c4c008e34b08ab75a40
SSDEEP

1536:Mb4uSvl91pVoNby69ni3xGnMXY0xB6JNvWtk2vp8eNOYw54YQL+urgVd7RR1LAf/:U6p2JihGAsJ4tk2+2yW07BLADtxD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4239d46d22d7b4c9ab9b29e7f7d27abc

Files

4239d46d22d7b4c9ab9b29e7f7d27abc
.dll windows:4 windows x86 arch:x86

2cd5d35b0f349f8fa6ff194064ea79bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalAlloc
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetLastError
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
WriteFile
GetStdHandle
GetModuleFileNameA
ExitProcess
Sleep
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
MultiByteToWideChar
GetLocaleInfoA
FreeLibrary
InterlockedExchange
InitializeCriticalSection
GetUserDefaultLCID
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetStringTypeExW
InterlockedCompareExchange

user32

LoadStringW

Exports

Exports

DllFilterFree
DllFilterGetPlcId
DllFilterGetVersion
DllFilterLadderStrMatch

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cd5d35b0f349f8fa6ff194064ea79bd

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 9KB