295434cbad0b4cf199b0019e0f9c4458ee002c035d12d45c1bcf823c703c8c3c

Sharing

Copy URL Twitter E-mail

General

Target

295434cbad0b4cf199b0019e0f9c4458ee002c035d12d45c1bcf823c703c8c3c
Size

109KB
MD5

75b609fca5e63bf1ed3e43d55cff9378
SHA1

e24c26b06f6f436bfe19f649d1b6a979055631e9
SHA256

295434cbad0b4cf199b0019e0f9c4458ee002c035d12d45c1bcf823c703c8c3c
SHA512

5a08efd86799b2a78f20fe22629b4c514e188364298d1afafc4597aa832c71d2ee2e74770f877b6046389473126f96910f3ffaef428d5d3ef30193bdd8c8367c
SSDEEP

1536:39gbgwb0fL8kMXqujjTNnWjjjuZ0ny5kaAEQFkYF/95IUZS4sGJLY/zDEM:HQ0W6C3kaPQ7TsOYfEM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
295434cbad0b4cf199b0019e0f9c4458ee002c035d12d45c1bcf823c703c8c3c

Files

295434cbad0b4cf199b0019e0f9c4458ee002c035d12d45c1bcf823c703c8c3c
.dll windows:6 windows x86 arch:x86

1bdc1e161f844ba492256c9dbf20f4c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

commondatasetbase

?GetModuleDir@Environment@common@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAX@Z
?CopyLen@StringHelper@common@@YA_NPADIPBDZZ
?GUIDToString@GUIDHelper@common@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABUtag_GUID@2@@Z
?CreateGUID@GUIDHelper@common@@SA_NAAUtag_GUID@2@@Z
?IsValid@Logger@common@@QAE_NXZ
?WriteLog@Logger@common@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?Flush@Logger@common@@QAE_NXZ
??0Logger@common@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_N@Z

ws2_32

htons

kernel32

DisableThreadLibraryCalls
GetTickCount64
GetProcAddress
FreeLibrary
LoadLibraryA
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
EncodePointer

msvcp110

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z

msvcr110

free
??_V@YAXPAX@Z
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_vsnprintf
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
memmove
memcpy
__CxxFrameHandler3
_CxxThrowException
memset

Exports

Exports

ConfigComplexProperty
ConfigKeyInfo
CreateVolteDecoderHandle
FreeVolteDecoderHandle
PushCommonOriginalData

Sections

.text
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1bdc1e161f844ba492256c9dbf20f4c0

Headers

DLL Characteristics

File Characteristics

Imports

commondatasetbase

ws2_32

kernel32

msvcp110

msvcr110

Exports

Exports

Sections

.text Size: 67KB - Virtual size: 66KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 3KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 67KB - Virtual size: 66KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 3KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 8KB - Virtual size: 7KB