55665f80732268a9d0cc4d77dc15b1c311b5a86aca3812157ddfb5ed4fffc642

Sharing

Copy URL Twitter E-mail

General

Target

55665f80732268a9d0cc4d77dc15b1c311b5a86aca3812157ddfb5ed4fffc642
Size

151KB
MD5

61098109f2cbb92a8e578e6c00b37e5a
SHA1

2bac6363c37e8f3d132cb52e9ab91328dbd79450
SHA256

55665f80732268a9d0cc4d77dc15b1c311b5a86aca3812157ddfb5ed4fffc642
SHA512

75240e95955c81567c43b375ac720b4466a23dc52187729f943575d9d6556a427234a2a96ccef37bb931efe7ee5d548833085ad287fbdb5bf48e93d499e1319d
SSDEEP

3072:lc99joWbTLLcw8mHuPA1yI/GrFOYPRz17jUsZhmWPIfZ0TzwgaOEsu53/QT:s9LbTL8jbZhD+Z0Tzw5su

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55665f80732268a9d0cc4d77dc15b1c311b5a86aca3812157ddfb5ed4fffc642

Files

55665f80732268a9d0cc4d77dc15b1c311b5a86aca3812157ddfb5ed4fffc642
.dll windows:6 windows x86 arch:x86

49ad9f6f96f5803a6deabec8ac8ddcd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

commondatasetbase

?GetModuleDir@Environment@common@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAX@Z
?IsValid@XmlNode@common@@QBE_NXZ
?GetNodeName@XmlNode@common@@QBEPBDXZ
?GetNextSibling@XmlNode@common@@QBE?AV12@XZ
?GetFirstChild@XmlNode@common@@QBE?AV12@XZ
?GetChildByName@XmlNode@common@@QBE?AV12@PBD@Z
?GetAttr@XmlNode@common@@QBEPADPBD@Z
?GetNodeByName@XmlDoc@common@@QBE?AVXmlNode@2@PBD@Z
?LoadXml@XmlDoc@common@@QAE_NPBD@Z

kernel32

GetProcAddress
FileTimeToDosDateTime
FindFirstFileW
FindClose
FileTimeToLocalFileTime
MultiByteToWideChar
FreeLibrary
LoadLibraryA
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount64
DisableThreadLibraryCalls
EncodePointer

msvcp110

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z

msvcr110

ceil
strtol
??_V@YAXPAX@Z
_wassert
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
memcpy
floor
__RTDynamicCast
realloc
memchr
malloc
free
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
memmove
_CxxThrowException
__CxxFrameHandler3
memset

Exports

Exports

CreateCommonSPInfoFactory
FreeSPInfoFactory

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49ad9f6f96f5803a6deabec8ac8ddcd9

Headers

DLL Characteristics

File Characteristics

Imports

commondatasetbase

kernel32

msvcp110

msvcr110

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 7KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 18KB - Virtual size: 17KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 18KB - Virtual size: 17KB