50bbb65b894edae96e14c5683ea89628

Sharing

Copy URL

Twitter E-mail

General

Target

50bbb65b894edae96e14c5683ea89628
Size

87KB
MD5

50bbb65b894edae96e14c5683ea89628
SHA1

11d7e096f0bace671cb42d530db6b4440a6c0ff2
SHA256

e7f14a719ca151ad72b501fce117bb19e3f66b41d12486fd8ac5e1b4894821af
SHA512

9386db7855e381e866336acdfb5befe107decad9665815108924f8fbe9f8028b3d6ae2e68d096ee3b116a483e28f4146eb7d2b0599a7dd255e592b34644a66c2
SSDEEP

1536:3fFErfq+u94LnXye/9HagDAqlfmGPU8dXKGefm32TPkcGOZ1:Efq+u9sXyOpAqfPU8dXKGefmkPkcGOZ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50bbb65b894edae96e14c5683ea89628

Files

50bbb65b894edae96e14c5683ea89628
.dll windows:5 windows x86 arch:x86

19163a4e06eaea45b10df9588459e116

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetCurrentProcessId
CloseHandle
CreateThread
LoadLibraryA
SuspendThread
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
Beep
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
VirtualQuery

user32

MapVirtualKeyA
PostMessageA
SetForegroundWindow
SetActiveWindow
SendInput
ShowWindow
GetAsyncKeyState
GetClassNameA
GetTopWindow
MessageBoxA
GetWindowThreadProcessId
GetWindow

msvcp100

?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z

msvcr100

_initterm_e
?what@exception@std@@UBEPBDXZ
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
??2@YAPAXI@Z
_initterm
??3@YAXPAX@Z
memmove
_encoded_null
free
_CxxThrowException
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
malloc
_cexit
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
_malloc_crt
??0exception@std@@QAE@ABV01@@Z
__FrameUnwindFilter
_amsg_exit

comdlg32

GetOpenFileNameA

shell32

ShellExecuteA

mscoree

_CorDllMain

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19163a4e06eaea45b10df9588459e116

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp100

msvcr100

comdlg32

shell32

mscoree

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 512B - Virtual size: 55KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 512B - Virtual size: 55KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 1KB - Virtual size: 1KB