76b1cccd0d1612818c805700fcb951cd

Sharing

Copy URL Twitter E-mail

General

Target

76b1cccd0d1612818c805700fcb951cd
Size

252KB
MD5

76b1cccd0d1612818c805700fcb951cd
SHA1

8af5a6244e19caf1123e15d5aca38251ee5b4298
SHA256

4b30cee6195ac95fa9e066339cd414042f40a78e06111df7d42be6a8ba509b4e
SHA512

8feea7bd46e5f5ba2765f6ce74abc181a10cb087869221a63c7f990b760c7c7cf06c90d214bc8ae0b9dcb1e25a0a393fb4eee56b3c4df0b5dcbc6cca0c1f4106
SSDEEP

6144:1djiPeKybbyBsyiPt83+rAsXumKj2maw1WCujX1enCbGH8:1dmKbbyKyG83+qj2maAWCuTnbGH8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76b1cccd0d1612818c805700fcb951cd

Files

76b1cccd0d1612818c805700fcb951cd
.dll windows:4 windows x86 arch:x86

3fa251a0da3d8fe65a1c81e5e0a83a6f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
FindNextFileA
DeleteCriticalSection
FindFirstFileA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateProcessA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
SetFileAttributesA
CopyFileA
GetLastError
GetSystemDefaultLangID
HeapFree
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
ExitProcess
RtlUnwind
CloseHandle
InterlockedDecrement
InterlockedIncrement
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
ReadFile
CreateFileA
GetCPInfo
LCMapStringA
LCMapStringW
SetFilePointer
GetACP
GetOEMCP
SetEndOfFile
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA

advapi32

RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
RegOpenKeyA
RegDeleteValueA

Exports

Exports

PS2DeviceInstall
PerformGlobalInstallPostProcessing
SerDeviceInstall
USBDeviceInstall

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3fa251a0da3d8fe65a1c81e5e0a83a6f

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 192KB - Virtual size: 196KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 192KB - Virtual size: 196KB

.reloc
Size: 8KB - Virtual size: 4KB