851fb5cad61b8de7ad6ef923b9372d92a62f1c12de2d17cb53100bdff738624c

Sharing

Copy URL

Twitter E-mail

General

Target

851fb5cad61b8de7ad6ef923b9372d92a62f1c12de2d17cb53100bdff738624c
Size

190KB
MD5

f96f00fa659b589a7fafe600e8336ebf
SHA1

3af189d2a1bf22413f684411f3e9db66bfb9cae5
SHA256

851fb5cad61b8de7ad6ef923b9372d92a62f1c12de2d17cb53100bdff738624c
SHA512

55b9f023f676ef2a691e66f01ab8deceed8780b3bd02cd0b794f085b05985c79e8d30c87084b97db46aa206ef910af92f8766228162c04b8e049ba314d7ae758
SSDEEP

3072:nU/ibmfwOv9aOawOWE8Voluv9RjkFWXeI5EwuEM4r27xo:nU/ijOv9a15WBClubj6rSDuEM4r27

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
851fb5cad61b8de7ad6ef923b9372d92a62f1c12de2d17cb53100bdff738624c

Files

851fb5cad61b8de7ad6ef923b9372d92a62f1c12de2d17cb53100bdff738624c
.dll windows:6 windows x86 arch:x86

e54f9caab476c8effda0dfff5daeb4d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

commondatasetbase

?GetModuleDir@Environment@common@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAX@Z
?CopyLen@StringHelper@common@@YA_NPADIPBDZZ
??1TimeStamp@common@@QAE@XZ
??0TimeStamp@common@@QAE@_J@Z
??1DateTime@common@@QAE@XZ
??0DateTime@common@@QAE@ABVTimeStamp@1@@Z

kernel32

GetProcAddress
FreeLibrary
LoadLibraryA
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount64
DisableThreadLibraryCalls
EncodePointer

msvcp110

?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
?_Winerror_map@std@@YAPBDH@Z

msvcr110

sprintf
strtol
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
??1type_info@@UAE@XZ
_vsnprintf
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
memcpy
_libm_sse2_cos_precise
__RTDynamicCast
__CxxFrameHandler3
_CxxThrowException
realloc
memchr
??_V@YAXPAX@Z
malloc
free
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
memmove
memset

Exports

Exports

CreateOriginalDataFormater
FreeFileHandle

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e54f9caab476c8effda0dfff5daeb4d5

Headers

DLL Characteristics

File Characteristics

Imports

commondatasetbase

kernel32

msvcp110

msvcr110

Exports

Exports

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 41KB - Virtual size: 40KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 872B

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 41KB - Virtual size: 40KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 872B

.reloc
Size: 34KB - Virtual size: 34KB