74adc519d68b38fa9e2d7d945f56fb8a0232c586e71687b482e5285aab2f659c

Sharing

Copy URL Twitter E-mail

General

Target

74adc519d68b38fa9e2d7d945f56fb8a0232c586e71687b482e5285aab2f659c
Size

4.8MB
MD5

ddac5fe88e9698448b89b3356d39ee7f
SHA1

d92a7656f48dda1ff837ba72a4b2e8997b38aee6
SHA256

74adc519d68b38fa9e2d7d945f56fb8a0232c586e71687b482e5285aab2f659c
SHA512

ff6d13aac910ea2032fc4db82ed104300c6e281d1ab1f88209ffdf11ecb4db97ce15dd6ca35f647cb4b6dd1dca0f4173f401dfb9dfc9a6200f2b3da0918c6032
SSDEEP

98304:ki+Z4Pkwz8cdFuS4k9S1J5MTy8kA0h3wrVUt2tp5KL2E:Tm4aS99S1ATfkA0h3Vt2Vo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74adc519d68b38fa9e2d7d945f56fb8a0232c586e71687b482e5285aab2f659c

Files

74adc519d68b38fa9e2d7d945f56fb8a0232c586e71687b482e5285aab2f659c
.dll windows:6 windows x64 arch:x64

6f3f93fa27a2ac896a858a8c107bfc6f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

WSACleanup

kernel32

ExitThread
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

MessageBoxW

advapi32

CryptEnumProvidersW

shell32

SHGetFolderPathW

wintrust

WinVerifyTrust

crypt32

CertFreeCertificateContext

version

GetFileVersionInfoA

bcrypt

BCryptGenRandom

Exports

Exports

StartWeHelpWork
StopWeHelpWork

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 652KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

shared
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1230
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1231
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1001B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f3f93fa27a2ac896a858a8c107bfc6f

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

shell32

wintrust

crypt32

version

bcrypt

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 652KB - Virtual size: 652KB

.data Size: 20KB - Virtual size: 41KB

.pdata Size: 99KB - Virtual size: 98KB

_RDATA Size: 512B - Virtual size: 244B

shared Size: 512B - Virtual size: 8B

.1230 Size: 1.5MB - Virtual size: 1.5MB

.1231 Size: 108KB - Virtual size: 108KB

.reloc Size: 24KB - Virtual size: 23KB

.rsrc Size: 1024B - Virtual size: 1001B

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 652KB - Virtual size: 652KB

.data
Size: 20KB - Virtual size: 41KB

.pdata
Size: 99KB - Virtual size: 98KB

_RDATA
Size: 512B - Virtual size: 244B

shared
Size: 512B - Virtual size: 8B

.1230
Size: 1.5MB - Virtual size: 1.5MB

.1231
Size: 108KB - Virtual size: 108KB

.reloc
Size: 24KB - Virtual size: 23KB

.rsrc
Size: 1024B - Virtual size: 1001B