93e60cb7de84efc948d06d5b4ff93d404bd1deaac0938eefeaba10330fc3f41a

Sharing

Copy URL Twitter E-mail

General

Target

93e60cb7de84efc948d06d5b4ff93d404bd1deaac0938eefeaba10330fc3f41a
Size

108KB
MD5

a7d8c06dcec58598acb2c1bba04c96aa
SHA1

ee1e1862a9139ac1e7733061321019ac8ac410ef
SHA256

93e60cb7de84efc948d06d5b4ff93d404bd1deaac0938eefeaba10330fc3f41a
SHA512

5ee21d9f473c56c0bcf8997a4fbad8d58a47c9753a2a923e6f39eb09c1f21706da9f48d56ee0f685bb5b7e553ca307b8f84834ac5f1c5ef67fd51397b2795038
SSDEEP

1536:YrT2Yu4tzbm2QrPwS6Z3WLfZ9AzSJDNwkdIMOCv98MixgyjVZ5i:QC+bm2d5ZoxFV8Myg8VZ5i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93e60cb7de84efc948d06d5b4ff93d404bd1deaac0938eefeaba10330fc3f41a

Files

93e60cb7de84efc948d06d5b4ff93d404bd1deaac0938eefeaba10330fc3f41a
.dll windows:5 windows x86 arch:x86

1262593fcb9227536807d9bf4749ce61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
SetEndOfFile
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
IsProcessorFeaturePresent
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
HeapSize
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapCreate
HeapDestroy
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameW
GetLocaleInfoW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileA
GetProcessHeap

user32

GetDC

gdi32

EnumFontFamiliesW

Exports

Exports

AppUpWrapper_createApplication
AppUpWrapper_deleteApplication

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1262593fcb9227536807d9bf4749ce61

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 12KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 12KB

.reloc
Size: 7KB - Virtual size: 7KB