484f5f4dc85b6526c7548cde67cda4f9

General

Target

484f5f4dc85b6526c7548cde67cda4f9
Size

139KB
MD5

484f5f4dc85b6526c7548cde67cda4f9
SHA1

78f946e0aeaa4d4b6b07072fded67b7ec4ad7ed5
SHA256

bd049740ed492d4474c2c514f762d6c01bdef366b9ef94fda1c8ba9fbe60952f
SHA512

33c7548a6249333ad741cb377dee2b6b142b174086ff0544c0b2dce248a78d822a28580118a788c0cdc5441dadfb8e96b7f885a0a335377f06d1d4dad6061627
SSDEEP

3072:U/U122frmzrrkoQOtWiLkLxQCPs3MXkxWxVufONsL:U/U122frmoxOtWMqQCJLxUG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
484f5f4dc85b6526c7548cde67cda4f9

Files

484f5f4dc85b6526c7548cde67cda4f9
.dll windows:5 windows x86 arch:x86

35103fd4346265b3933e95339232a1a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetSystemMetrics

msvcr90

_vsnprintf
free
malloc
??_V@YAXPAX@Z
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_except_handler4_common
??_U@YAPAXI@Z
_ismbblead
atoi
_purecall
strncmp
memset
memcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
strncpy
memchr
strtok

kernel32

LoadLibraryA
GetProcAddress
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
WideCharToMultiByte
DisableThreadLibraryCalls

Exports

Exports

CanUnload2
RMACreateInstance

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35103fd4346265b3933e95339232a1a1

Headers

DLL Characteristics

File Characteristics

Imports

user32

msvcr90

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 101KB - Virtual size: 100KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 101KB - Virtual size: 100KB

.reloc
Size: 3KB - Virtual size: 2KB