4e60de1daeb73d226c21a290da7fb9c3

General

Target

4e60de1daeb73d226c21a290da7fb9c3
Size

42KB
MD5

4e60de1daeb73d226c21a290da7fb9c3
SHA1

a7feabee28f43984eb8ae586e3f70333d893cf62
SHA256

5f5fa0125e14984911572a0cab7ae5fdeb7ee3726ad3d97c67894058adbaab9f
SHA512

8b0577a56f457aada508c40fe8be99ec808997cf80389dfb0e8c306c341fd31d841a505f1e149301baa7cae3baca270e842b81d62ce904a4f5be77bf2621d343
SSDEEP

768:DA24wsBl10WtW55CBelUtzb/4nPt3EAkbpWYUg0lneZ0w6/8JT1lEp:DAFn0Wo5CBh5wP1e88Jju

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e60de1daeb73d226c21a290da7fb9c3

Files

4e60de1daeb73d226c21a290da7fb9c3
.dll windows:5 windows x86 arch:x86

3fdc67d3352d3666550261cd3aa5cb7f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

NtInitiatePowerAction
NtOpenIoCompletion
NtOpenEventPair
ZwDeleteFile
ZwFlushWriteBuffer
NtFlushInstructionCache

kernel32

GetProcessHeap
WritePrivateProfileStringA
VirtualAlloc
GetShortPathNameA
SetEndOfFile
MultiByteToWideChar
ReleaseSemaphore
GetTickCount
RaiseException
FindNextFileA
SetFilePointer
WritePrivateProfileStructA
SetUnhandledExceptionFilter
GetVersion
CreateEventW
SetThreadPriority
ReadFile
SetCurrentDirectoryA
ReadProcessMemory
GetFullPathNameW
SetWaitableTimer
SetErrorMode
GetStringTypeExW
FindClose
lstrcpyW
InterlockedExchangeAdd
IsDebuggerPresent
QueryPerformanceFrequency
GetLocaleInfoW
GetPrivateProfileIntW
InitializeCriticalSection
GetLongPathNameW
FindFirstFileA
CreateFileA
DuplicateHandle
GetCurrentThread
GetPrivateProfileStringW
CloseHandle
LoadLibraryExW

Exports

Exports

CreateProcessNotify
GetUdpTable
DllClientCleanup
csrscess
DllClientStartup
GetOwnerModuleFromUdpEntry
InternalSetIpStats
GetBestRoute
GetUdpStatisticsEx
Icmp6ParseReplies
NTPTimeToNTFileTime
Icmp6CreateFile

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fdc67d3352d3666550261cd3aa5cb7f

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

kernel32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 409B

.rsrc Size: 33KB - Virtual size: 36KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 409B

.rsrc
Size: 33KB - Virtual size: 36KB

.reloc
Size: 512B - Virtual size: 4KB