74055042f0220bfffd168371b872c4f00308400d39db6de86557abec7c38ec65

Sharing

Copy URL Twitter E-mail

General

Target

74055042f0220bfffd168371b872c4f00308400d39db6de86557abec7c38ec65
Size

2.6MB
MD5

d81ef101b28530689a57e7c1384b55a8
SHA1

4e357a1ae6252b78d5c2305627c2f0d5c3faee9a
SHA256

74055042f0220bfffd168371b872c4f00308400d39db6de86557abec7c38ec65
SHA512

cf9e518fc632c1d467572f6442822bc9f75ef806010d88915403f1c4d45572b2a66960e1eb02768cc6b9343e4a9c72c452c7476b55fccb2c631cfb174e2deff0
SSDEEP

49152:cYLOlXFpWW8rGUCwQfTFJT2JxH4em8sKUfc3oBn4gfl0KEkh/+JNVU4sUYIljD8X:cswJbM0mH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74055042f0220bfffd168371b872c4f00308400d39db6de86557abec7c38ec65

Files

74055042f0220bfffd168371b872c4f00308400d39db6de86557abec7c38ec65
.dll windows:5 windows x86 arch:x86

38f5e527d3efe19681d423afd76723fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetModuleFileNameA
FreeLibrary
VirtualAlloc
VirtualFree
VirtualProtect
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcessId
SetLastError
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
IsBadReadPtr
GlobalAlloc
GlobalLock
GlobalUnlock
WideCharToMultiByte
SetEndOfFile
WriteConsoleW
HeapSize
SetFilePointerEx
CreateFileW
SetStdHandle
GetConsoleCP
WriteFile
FlushFileBuffers
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RaiseException
RtlUnwind
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
LCMapStringW
GetStdHandle
GetFileType
CloseHandle
ReadFile
GetConsoleMode
ReadConsoleW
GetACP
HeapReAlloc
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer

user32

GetParent
GetPropA
IsWindowVisible
SetWindowPos
ShowWindowAsync
EnumChildWindows
LoadCursorA
MessageBoxA
SetPropA
CreateWindowExA
RegisterClassA
wsprintfA
DefWindowProcW

Exports

Exports

GetNewInf

Sections

.text
Size: 581KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38f5e527d3efe19681d423afd76723fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 581KB - Virtual size: 580KB

.rdata Size: 1.9MB - Virtual size: 1.9MB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 92KB - Virtual size: 92KB

.reloc Size: 66KB - Virtual size: 65KB

.text
Size: 581KB - Virtual size: 580KB

.rdata
Size: 1.9MB - Virtual size: 1.9MB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 92KB - Virtual size: 92KB

.reloc
Size: 66KB - Virtual size: 65KB