4174000b65b3697b37a7cb0ca3f87b2723caa44c5f2324dff06b744602a17d4b

Sharing

Copy URL

Twitter E-mail

General

Target

4174000b65b3697b37a7cb0ca3f87b2723caa44c5f2324dff06b744602a17d4b
Size

1.6MB
MD5

e361a255bcdc758c8fb29a69b1ee5105
SHA1

90c9642b28338fc545feaf521061782bde9d592d
SHA256

4174000b65b3697b37a7cb0ca3f87b2723caa44c5f2324dff06b744602a17d4b
SHA512

ad32d9e40bff2baf025dfa4c9abdebccfabda0a412afac99b05b75985392e794918a675c291b142a331ee74cda2f1a5f449e98a5c8ae538703533679586b7275
SSDEEP

49152:0Cc2ZZdDSdfTzkrFQbsKcrdr0X0RXWclALDScwZMHHm:DFJ0kRXWD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
4174000b65b3697b37a7cb0ca3f87b2723caa44c5f2324dff06b744602a17d4b

Files

4174000b65b3697b37a7cb0ca3f87b2723caa44c5f2324dff06b744602a17d4b
.dll windows:6 windows x86 arch:x86

714c1646e3a223c2ddced93621034acc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetModuleHandleExA
FreeLibrary
GetModuleFileNameA
GetSystemTimeAsFileTime
FileTimeToSystemTime
GetTimeZoneInformation
GetProcAddress
LoadLibraryA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
MultiByteToWideChar
SetEndOfFile
CreateFileW
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
InitializeCriticalSectionEx
Sleep
GetLocaleInfoEx
GetStringTypeW
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
ExitProcess
AreFileApisANSI
HeapSize
WriteFile
GetProcessHeap
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
IsValidCodePage
GetACP
GetOEMCP
SetLastError
InitOnceExecuteOnce
GetStartupInfoW
ReadFile
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
CloseHandle
QueryPerformanceCounter
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
SetFilePointer
GetUserDefaultLocaleName
LCMapStringEx
IsValidLocaleName
EnumSystemLocalesEx
ReadConsoleW
SetStdHandle

ws2_32

inet_addr

Exports

Exports

CreateDLMessageParser
FreeDLMessageParser
RegisterWriteLogCallBack
SetFilterXmlConfigFilePathInterface
SetFilterXmlConfigVersionInterface

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

714c1646e3a223c2ddced93621034acc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 201KB - Virtual size: 200KB

.data Size: 104KB - Virtual size: 112KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 67KB - Virtual size: 67KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 201KB - Virtual size: 200KB

.data
Size: 104KB - Virtual size: 112KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 67KB - Virtual size: 67KB