751d10595258ef491a13b945299f828f

Sharing

Copy URL

Twitter E-mail

General

Target

751d10595258ef491a13b945299f828f
Size

753KB
MD5

751d10595258ef491a13b945299f828f
SHA1

b1c71d288b876d35162f51d1d9eba926d06f8592
SHA256

b5a82ecb3b02c978287f89f66de23a31e391f6375ba90615fb8446daa349d50d
SHA512

fd49bc18488f616b7796f3490b80d90ef4c4884e13547003e48542dda3a0c2c11dafc4ac7a54688f6b35075d4a5a1a8349ab79ed6c8d365da880b3d9a5536a9e
SSDEEP

12288:29mI6Sob9aao0vLJeqdHDZhXJg+T4TsJO5fIP8Hz6SgwcJvZs2WPQD606+q:qBw9aaoe7NLg+vefI0Hz6SruRHbhZq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
751d10595258ef491a13b945299f828f

Files

751d10595258ef491a13b945299f828f
.dll windows:6 windows x64 arch:x64

ff987e47e05ca15eadd0f35f75d40bc0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

GetLastError
HeapFree
HeapSize
HeapReAlloc
HeapAlloc
GetProcessHeap
lstrlenA
lstrcpyA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateThread
DeleteCriticalSection
lstrlenW
LocalFree
lstrcpynA
lstrcmpA
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
HeapValidate
MultiByteToWideChar
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
CloseHandle
GetSystemInfo
LoadLibraryW
HeapCompact
HeapDestroy
UnlockFile
LockFileEx
GetFileSize
GetCurrentProcessId
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
GetConsoleCP
SetStdHandle
GetStringTypeW
GetFileType
SetLastError
GetProcAddress
LoadLibraryA
Sleep
GetConsoleMode
GetModuleHandleA
SetFilePointerEx
WriteConsoleW
UnmapViewOfFile
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetCurrentProcess
TerminateProcess
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
GetACP
CompareStringW
LCMapStringW
GetTimeZoneInformation
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStdHandle

Exports

Exports

Control
FreeBuffer
Release
Start

Sections

.text
Size: 605KB - Virtual size: 604KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff987e47e05ca15eadd0f35f75d40bc0

Headers

DLL Characteristics

File Characteristics

Imports

version

kernel32

Exports

Exports

Sections

.text Size: 605KB - Virtual size: 604KB

.rdata Size: 106KB - Virtual size: 106KB

.data Size: 10KB - Virtual size: 17KB

.pdata Size: 26KB - Virtual size: 26KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 605KB - Virtual size: 604KB

.rdata
Size: 106KB - Virtual size: 106KB

.data
Size: 10KB - Virtual size: 17KB

.pdata
Size: 26KB - Virtual size: 26KB

.reloc
Size: 4KB - Virtual size: 3KB