70da87d88089ae36176e017e446635aa

General

Target

70da87d88089ae36176e017e446635aa
Size

47KB
MD5

70da87d88089ae36176e017e446635aa
SHA1

8e7c1a63c2b8783899c178cf31bcd7eaa6f14d98
SHA256

3dd03002ea66c469466d28899e86c76ce03bf8ef500e0d8b9f0715c4e69c562e
SHA512

1bcba7599ef8ea19fe7134e76dfd80f7c2fd4ddb92ee4ff9c1c939fb0239c8ad71be8f00aa09fc23715fd132a28aad00bbd5da0b4724102e8cd6294fdfa30267
SSDEEP

768:njjSAI/5RhuBES+vTpI3SgU9jdBwRv5QxZ1dpYjcVmAuHM+B5W/H:n6AI/5H8+K3vQhiRv5AMcruX5e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70da87d88089ae36176e017e446635aa

Files

70da87d88089ae36176e017e446635aa
.dll windows:8 windows x86 arch:x86

28bcdecf7379af84a0c1bb1b1986a866

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeEnvironmentStringsA
GetSystemInfo
GetCurrentProcess
SwitchToThread
ReadFileEx
HeapReAlloc
GetProcessHeaps
CompareStringA
GetModuleHandleA
SetFilePointer
WriteFile
LocalAlloc
InitializeCriticalSection
CreateFileMappingA
GetFileAttributesA
ReadFile
WaitForMultipleObjects
GetEnvironmentStringsA
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetThreadContext
GetFileAttributesExA
CopyFileA
CreateFileA
SetFilePointerEx
ConnectNamedPipe
UnmapViewOfFile
lstrcmpA
OpenThread
MapViewOfFile
HeapQueryInformation
HeapAlloc

d3drwrbk

ILCombine
ILRemoveLastID
OpenAs_RunDLL
ImmGetIMEFileNameA
SdbReadDWORDTag
ImmShowSoftKeyboard
SdbTagToString
CtfImmIsTextFrameServiceDisabled
RestartDialog
PathGetShortPath
PifMgr_CloseProperties
CtfAImmDeactivate
ImmEscapeA
ImmGetCompositionWindow
SdbReadBYTETag
InternalExtractIconListA
ImmPenAuxInput
ImmProcessKey
ImmUnlockIMCC
SdbInitDatabase
ImmSetCandidateWindow
ImmSetActiveContext
RegenerateUserEnvironment
CtfImmIsCiceroStartedInThread
ImmCreateIMCC
SetPermLayers
ImmGetCandidateWindow
CtfImmCoUninitialize

Exports

Exports

CreateProcessNotify
faxpdctr

Sections

.text
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28bcdecf7379af84a0c1bb1b1986a866

Headers

File Characteristics

Imports

kernel32

d3drwrbk

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB