7ecbbc4c75436f3954b287ea2543f02d2afceb52e530454e92e58327b9e6352d

Sharing

Copy URL

Twitter E-mail

General

Target

7ecbbc4c75436f3954b287ea2543f02d2afceb52e530454e92e58327b9e6352d
Size

1.0MB
MD5

ee82b75940bc74fc6e0a99d2fe68fb68
SHA1

64ebb40b03103bc0b318f60f41e70d66bcc462ce
SHA256

7ecbbc4c75436f3954b287ea2543f02d2afceb52e530454e92e58327b9e6352d
SHA512

0cd381e5fe986758b79af4256f18295a301bef5d9f5708219f1017a1a4a19cc10e85c03587207b91a9c603793f5e0a5179ada1ff991be75217b0e8930ea06449
SSDEEP

24576:RCZfxCtxDxCIWrHeVvnEXVM+59FAVFPtZtbTuHno:cZfxCtxDxCIWr+VvoJ59FAVFPtZ0Hno

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7ecbbc4c75436f3954b287ea2543f02d2afceb52e530454e92e58327b9e6352d

Files

7ecbbc4c75436f3954b287ea2543f02d2afceb52e530454e92e58327b9e6352d
.dll windows:6 windows x86 arch:x86

aa71ab3925db3079d94739701c12c106

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetModuleHandleExA
FreeLibrary
GetModuleFileNameA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
CreateFileW
CloseHandle
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
Sleep
GetStringTypeW
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
ExitProcess
HeapSize
WriteFile
GetProcessHeap
OutputDebugStringW
LoadLibraryExW
LoadLibraryW
IsValidCodePage
GetACP
GetOEMCP
SetLastError
InitOnceExecuteOnce
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
LCMapStringEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle

ws2_32

inet_addr

Exports

Exports

CreateDLMessageParser
FreeDLMessageParser
RegisterWriteLogCallBack
SetFilterXmlConfigFilePathInterface
SetFilterXmlConfigVersionInterface

Sections

.text
Size: 852KB - Virtual size: 851KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 90KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa71ab3925db3079d94739701c12c106

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 852KB - Virtual size: 851KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 90KB - Virtual size: 98KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 46KB - Virtual size: 46KB

.text
Size: 852KB - Virtual size: 851KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 90KB - Virtual size: 98KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 46KB - Virtual size: 46KB