6c2708c5d7dc071ae5b76d1d5d0196ecedef12fe596229ac191535c57627148f

Sharing

Copy URL

Twitter E-mail

General

Target

6c2708c5d7dc071ae5b76d1d5d0196ecedef12fe596229ac191535c57627148f
Size

240KB
MD5

6a2ecd5487743d4129c23bbebe95e2e3
SHA1

431d87b53a8da69dfc60de90d2fa3f63a6c9fd15
SHA256

6c2708c5d7dc071ae5b76d1d5d0196ecedef12fe596229ac191535c57627148f
SHA512

5d2bb8ecb90228158c3b5a1f36bd05d7ff0b7c19c301aa20d8340dd3e3f2b3991b6f8a2d031a628af821aa5c6c5492e8201078182915aee7a1237c0b6a2ab39f
SSDEEP

3072:YmybuLkbiPXYu+MY3XpLd8VnQtyCCxEvRWCWa+NTPdJu6lhAOkSSs:YmpLkifY/MWXYQ3ntAm6D6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
6c2708c5d7dc071ae5b76d1d5d0196ecedef12fe596229ac191535c57627148f

Files

6c2708c5d7dc071ae5b76d1d5d0196ecedef12fe596229ac191535c57627148f
.dll windows:6 windows x86 arch:x86

82accfed58fe4bf25f4d5bb69df8e978

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
GetTimeZoneInformation
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
MultiByteToWideChar
SystemTimeToFileTime
GetLocalTime
WaitForSingleObject
GetTickCount
TerminateThread
GetModuleFileNameA
CreateEventA
SetCommMask
WaitCommEvent
CloseHandle
ResumeThread
CreateFileA
SetupComm
ClearCommError
GetCommState
WriteFile
SetCommState
SetCommTimeouts
ReadFile
GetOverlappedResult
GetCommTimeouts
PurgeComm
Sleep
GetLastError
SetEndOfFile
CreateFileW
SetStdHandle
ReadConsoleW
EnumSystemLocalesEx
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
EncodePointer
DecodePointer
InitializeCriticalSectionEx
GetLocaleInfoEx
GetStringTypeW
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
HeapFree
HeapAlloc
HeapReAlloc
CreateThread
GetCurrentThreadId
ExitThread
LoadLibraryExW
GetCommandLineA
RaiseException
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetCPInfo
IsProcessorFeaturePresent
IsDebuggerPresent
ExitProcess
AreFileApisANSI
HeapSize
OutputDebugStringW
LoadLibraryW
IsValidCodePage
GetACP
GetOEMCP
SetLastError
InitOnceExecuteOnce
GetStartupInfoW
GetProcessHeap
SetFilePointerEx
FlushFileBuffers
GetConsoleCP
GetConsoleMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
GetCurrentProcess
TerminateProcess
GetModuleHandleW
QueryPerformanceCounter
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointer
CompareStringEx
GetUserDefaultLocaleName
LCMapStringEx
IsValidLocaleName
SetEnvironmentVariableA

Exports

Exports

ConnectDevice
CreateDeviceHandle
DeviceLost
DisconnectDevice
FreeDeviceHandle
GainVersion
GetDeviceState
PauseLog
ReadBuffer
ReadBufferType
ReadedData
RestoreLog
ResumeLog
SetDeviceConfigs
SetReadIOInterval
StartLog
StopLog

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

82accfed58fe4bf25f4d5bb69df8e978

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 7KB - Virtual size: 15KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 7KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 34KB - Virtual size: 34KB