59d2b156f28ee813099162b4ef8413bf

Sharing

Copy URL

Twitter E-mail

General

Target

59d2b156f28ee813099162b4ef8413bf
Size

76KB
MD5

59d2b156f28ee813099162b4ef8413bf
SHA1

60f9f8287e5dccf5f17cdd807ab6ab9512903b67
SHA256

ed04cd4122ea9dd843f6e2f2f9b792ef18befc57e02c2054b54bf658b1a91e02
SHA512

e493ba14fba157a722c017eb01577d6e0b56623de440a69649a490bb975ad7a929d6299e86f0f60384b89b7ed19258cc304f4507626f4c86c256aa626cd097cf
SSDEEP

1536:2Nm8ARawl7b0X9pglMElu/X/LStUc9jqOV5h:+zwiX9pglMElwSzd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d2b156f28ee813099162b4ef8413bf

Files

59d2b156f28ee813099162b4ef8413bf
.dll windows:4 windows x86 arch:x86

608609cf241d3800173ef7b4995157c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetSystemTimeAsFileTime
GetTickCount
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
IsDBCSLeadByte
ResetEvent
SetConsoleCtrlHandler
CreateSemaphoreA
ReleaseSemaphore
InterlockedDecrement
SetEvent
InterlockedIncrement
GetCurrentThreadId
CreateEventA
InterlockedExchange
GetConsoleCP
GetConsoleOutputCP
GetVersionExA
OutputDebugStringA
GetModuleHandleA
GetProcessTimes
GetEnvironmentVariableA
CreateFileW
CreateFileA
GetSystemTime
SystemTimeToFileTime
SetFileTime
DeleteFileW
DeleteFileA
RemoveDirectoryW
RemoveDirectoryA
MoveFileW
MoveFileA
GetProcAddress
GetVersion
GetFullPathNameW
FindFirstFileW
FindNextFileW
FindNextFileA
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetFileType
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesExA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetLastError
SetEnvironmentVariableW
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
Sleep
FlushViewOfFile
SetFilePointer
CreateFileMappingA
MapViewOfFile
GetFileSize
UnmapViewOfFile
GetSystemInfo
FindFirstFileA
FindClose
SetEndOfFile
LocalFree
GetFullPathNameA
LoadLibraryExA
FormatMessageA
FreeLibrary
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
CreateProcessA
CreatePipe
DuplicateHandle
GetCurrentProcess
GetStdHandle
GetLastError
CloseHandle
GetACP
GetLocaleInfoA
QueryPerformanceFrequency
CreateDirectoryW
QueryPerformanceCounter
CreateDirectoryA
ExitProcess

user32

wsprintfA
CharPrevA
LoadStringA

advapi32

RegLoadKeyA
RegFlushKey
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegConnectRegistryA
RegCloseKey
RegSetValueExA
RegQueryValueA
RegQueryValueExA
RegSaveKeyA
RegSetValueA
RegOpenKeyExA

Exports

Exports

zwdv

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

608609cf241d3800173ef7b4995157c2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 40KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 608B

.text
Size: 44KB - Virtual size: 40KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 608B