6ba34535db79254417bfdbe96cdbc7dff04d3d4cec61ed2022b13c2f0a321ed5

General

Target

6ba34535db79254417bfdbe96cdbc7dff04d3d4cec61ed2022b13c2f0a321ed5
Size

2.6MB
MD5

27eb206e6eae917a932932a58a5605dd
SHA1

65e34b2741974f1d70c8cbf22c3a08ec87919fd8
SHA256

6ba34535db79254417bfdbe96cdbc7dff04d3d4cec61ed2022b13c2f0a321ed5
SHA512

3df7a0acb8a44bb4ce9f1ae756168c820998b6a632f318bb404dde4219bb647eef189e017eaa3fe461a320a446c336a1814d788f46e559ba8138f73630ab4bf0
SSDEEP

24576:7fVDlUid0qEdAsVj8A46BC8mLabJebLIqCf:RlSDVj8A46BC8mLabMbLIqCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ba34535db79254417bfdbe96cdbc7dff04d3d4cec61ed2022b13c2f0a321ed5

Files

6ba34535db79254417bfdbe96cdbc7dff04d3d4cec61ed2022b13c2f0a321ed5
.dll windows:6 windows x86 arch:x86

2a32aed34cad2a3a2e947a760b43c552

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcp110

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z

msvcr110

_purecall
??3@YAXPAX@Z
??2@YAPAXI@Z
free
malloc
realloc
??0exception@std@@QAE@XZ
_wassert
??_V@YAXPAX@Z
printf
calloc
_errno
_snprintf
_vsnprintf
bsearch
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
memchr
memmove
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
_CxxThrowException
__CxxFrameHandler3
memcpy
memset

kernel32

DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount64
DisableThreadLibraryCalls
EncodePointer

Exports

Exports

CreateDLOTAMessageParser
FreeDLOTAMessageParser

Sections

.text
Size: 350KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 282KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 341KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a32aed34cad2a3a2e947a760b43c552

Headers

DLL Characteristics

File Characteristics

Imports

msvcp110

msvcr110

kernel32

Exports

Exports

Sections

.text Size: 350KB - Virtual size: 349KB

.rdata Size: 282KB - Virtual size: 282KB

.data Size: 1.6MB - Virtual size: 1.6MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 341KB - Virtual size: 340KB

.text
Size: 350KB - Virtual size: 349KB

.rdata
Size: 282KB - Virtual size: 282KB

.data
Size: 1.6MB - Virtual size: 1.6MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 341KB - Virtual size: 340KB