41569535cd2cf991b6d14b17cdebc304

General

Target

41569535cd2cf991b6d14b17cdebc304
Size

32KB
MD5

41569535cd2cf991b6d14b17cdebc304
SHA1

4db5216dba423e0702f1ebc62b7ca7498a3a02ad
SHA256

0bb0a4d59fcb5c2f95b8020fc60b4a0d5171065683a0cd3948780550be8c1eba
SHA512

d65f07c80d487bd4802d9d94116c619a7be235b166303c42277824e69c6b53d880066e2583f1eee821217f62a632763f201aae20f5e6b25252129edcb7929f27
SSDEEP

384:ejw2f5opyrSFiZ1yzpj/pTFKTz9nNAX6rMvh10+LehglEegNuo:edrSIERwVnNi6rOL1X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41569535cd2cf991b6d14b17cdebc304

Files

41569535cd2cf991b6d14b17cdebc304
.dll windows:4 windows x86 arch:x86

aa1a4f288daf9eb9fbceaafbd302c0da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AddAtomW
BuildCommDCBA
CallNamedPipeA
CancelIo
CloseHandle
CompareFileTime
CreateNamedPipeW
DeleteCriticalSection
ExitProcess
GetEnvironmentVariableW
GetLocaleInfoW
GetProcessHeaps
GlobalGetAtomNameW
Heap32ListNext
Heap32Next
HeapFree
SetCommTimeouts
SetDefaultCommConfigA
SetMailslotInfo
TlsFree
VirtualFree
WritePrivateProfileSectionA
WritePrivateProfileStringA
lstrcatA
lstrlenW

user32

AnimateWindow
ChangeDisplaySettingsW
CharNextExA
CharUpperW
CopyAcceleratorTableW
CreateMenu
CreatePopupMenu
CreateWindowExA
DdeNameService
DrawCaption
DrawFrame
GetActiveWindow
GetClipCursor
GetQueueStatus
GetSystemMenu
GetUserObjectInformationW
IMPGetIMEA
IsDlgButtonChecked
OemToCharA
OemToCharBuffW
ReleaseCapture
ReplyMessage
SendMessageCallbackW
wsprintfW

gdi32

AbortPath
CopyMetaFileA
CreateRoundRectRgn
DeleteEnhMetaFile
Ellipse
EndPath
FixBrushOrgEx
GdiComment
GetCharWidthA
GetClipRgn
GetDIBColorTable
GetEnhMetaFileBits
GetEnhMetaFileDescriptionW
GetGraphicsMode
GetMiterLimit
GetNearestColor
IntersectClipRect
PathToRegion
PlayMetaFile
PolyDraw
RemoveFontResourceA
RemoveFontResourceW
SelectClipPath
SelectObject
SetEnhMetaFileBits
SetICMProfileW
SetLayout
StartDocW
gdiPlaySpoolStream

Exports

Exports

Update

Sections

.text
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa1a4f288daf9eb9fbceaafbd302c0da

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 12KB

.data Size: 24KB - Virtual size: 24KB

.idata Size: - Virtual size: 20KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 4KB - Virtual size: 12KB

.data
Size: 24KB - Virtual size: 24KB

.idata
Size: - Virtual size: 20KB

.rsrc
Size: - Virtual size: 12KB