6789498f1ee6ca73d4fcf262634316030daf9eeff79bc717f44a52ca0d5505d0

Sharing

Copy URL Twitter E-mail

General

Target

6789498f1ee6ca73d4fcf262634316030daf9eeff79bc717f44a52ca0d5505d0
Size

1.7MB
MD5

9948037904871f187c5bb87276515fa2
SHA1

e0a6d2edfa8cecb108aeb6bf04b5df7c8d5bc68b
SHA256

6789498f1ee6ca73d4fcf262634316030daf9eeff79bc717f44a52ca0d5505d0
SHA512

40dffb1b02ce770961bfd1a05e3ca5d98fff3b085bbd72da2dad7104a46a53a2134ad802d9ae998d4fb483f2fae78c6ca8085ae8e2e18d8a4fe8e5a3b855e629
SSDEEP

24576:q8XcmaC7YVKcIMrs31meiczjMZzU3Xju3AG93fQi1mUJh8yD:qDmak20icKzCu3A2fQgjj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6789498f1ee6ca73d4fcf262634316030daf9eeff79bc717f44a52ca0d5505d0

Files

6789498f1ee6ca73d4fcf262634316030daf9eeff79bc717f44a52ca0d5505d0
.dll windows:6 windows x86 arch:x86

ebdf7c9ba52208357792f823464a252d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
Sleep
DisableThreadLibraryCalls
LoadLibraryA
FreeConsole
CreateThread
GetProcAddress
AllocConsole
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
UnhandledExceptionFilter
IsDebuggerPresent

msvcp140

?clog@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z

vcruntime140

__std_type_info_destroy_list
memset
_except_handler4_common
memcpy

api-ms-win-crt-stdio-l1-1-0

fclose
__acrt_iob_func
__stdio_common_vfprintf
freopen_s

api-ms-win-crt-runtime-l1-1-0

_cexit
_initterm
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1004B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.vlizer
Size: 599KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ebdf7c9ba52208357792f823464a252d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 1024B - Virtual size: 1004B

.vlizer Size: 599KB - Virtual size: 600KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 1024B - Virtual size: 1004B

.vlizer
Size: 599KB - Virtual size: 600KB