1b724bb98236116f697a0d6de73766c629a5de249533574461c535110d6d3d61

Sharing

Copy URL

Twitter E-mail

General

Target

1b724bb98236116f697a0d6de73766c629a5de249533574461c535110d6d3d61
Size

239KB
MD5

2592097ec2a5a0d7111d6117683b5d02
SHA1

7b6538768b9928456cd9e844acf6287dfb083962
SHA256

1b724bb98236116f697a0d6de73766c629a5de249533574461c535110d6d3d61
SHA512

ac3b369b0665645d8412b822e6211fb11302dde2a8623308dceb39de2b287376f55d104ec78746e592f6e0a090b74caaa1def48e17f4fd4fdef6c66f371c5375
SSDEEP

3072:w6o7VyVtscWvrS+Nd5K4Cd6DnWQjnIdq8EF/0BwD:w6o70VAvm+Nd5KGWQMU8EF8a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1b724bb98236116f697a0d6de73766c629a5de249533574461c535110d6d3d61

Files

1b724bb98236116f697a0d6de73766c629a5de249533574461c535110d6d3d61
.dll windows:6 windows x86 arch:x86

74677bceff03126c73f87ad5af3a330a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

commondatasetbase

?CopyLen@StringHelper@common@@YA_NPADIPBDZZ
??1TimeStamp@common@@QAE@XZ
??0TimeStamp@common@@QAE@_J@Z
??1DateTime@common@@QAE@XZ
??0DateTime@common@@QAE@ABVTimeStamp@1@@Z

kernel32

DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount64
DisableThreadLibraryCalls
EncodePointer

msvcp110

?_Swap_all@_Container_base0@std@@QAEXAAU12@@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z

msvcr110

strtol
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_vsnprintf
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
tolower
??2@YAPAXI@Z
realloc
??3@YAXPAX@Z
_purecall
malloc
free
memmove
_CxxThrowException
__CxxFrameHandler3
_libm_sse2_cos_precise
memcpy
memset

Exports

Exports

CreateOriginalDataFormater
FreeFileHandle

Sections

.text
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

74677bceff03126c73f87ad5af3a330a

Headers

DLL Characteristics

File Characteristics

Imports

commondatasetbase

kernel32

msvcp110

msvcr110

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 184KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 184KB - Virtual size: 184KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 20KB - Virtual size: 19KB