86043572df1eb246ac76a227f6714bde

Sharing

Copy URL Twitter E-mail

General

Target

86043572df1eb246ac76a227f6714bde
Size

3.0MB
MD5

86043572df1eb246ac76a227f6714bde
SHA1

bead769ded4445addd232d8432215ba64d2a7996
SHA256

6640724ab609a8d4d1cc3963cb9e9d271a54cb1e387b178b7596ea57ce5e6614
SHA512

3f76ba50c014ebb243071a30c1038267118d18cd502e7f71e264447953be72109b1b1819ace5ba4c781eb8068befa783e62152d8936c8df0e37e58d9a576cd28
SSDEEP

49152:5YDtm94fh932FUi/E/xuCWaPFkp87D0C2L06:5YDVfhYFUv/lUCw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86043572df1eb246ac76a227f6714bde

Files

86043572df1eb246ac76a227f6714bde
.dll windows:6 windows x86 arch:x86

da1edb4708da523a1057a7cda8279f2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
CloseHandle
GetCurrentProcess
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
LoadLibraryA
K32GetModuleInformation
CreateToolhelp32Snapshot
Process32First
Process32Next
IsDebuggerPresent
DebugBreak
OutputDebugStringA
ExitProcess
CreateThread
Sleep
TerminateProcess
OpenProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeSListHead

msvcp140

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?uncaught_exception@std@@YA_NXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Xlength_error@std@@YAXPBD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ

vcruntime140

memset
_except_handler4_common
__current_exception_context
memmove
memcmp
__CxxFrameHandler3
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memcpy
__std_type_info_destroy_list
__current_exception

api-ms-win-crt-string-l1-1-0

strlen
strcmp

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_crt_atexit
_invalid_parameter_noinfo_noreturn
_cexit

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

da1edb4708da523a1057a7cda8279f2c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Sections

.text Size: 101KB - Virtual size: 100KB

.rdata Size: 2.8MB - Virtual size: 2.8MB

.data Size: 108KB - Virtual size: 109KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 101KB - Virtual size: 100KB

.rdata
Size: 2.8MB - Virtual size: 2.8MB

.data
Size: 108KB - Virtual size: 109KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 4KB - Virtual size: 3KB