8da1aa493fc55f808ab87d9c4ec66b1b

Sharing

Copy URL Twitter E-mail

General

Target

8da1aa493fc55f808ab87d9c4ec66b1b
Size

875KB
MD5

8da1aa493fc55f808ab87d9c4ec66b1b
SHA1

314ebe23861be0b7b9e368428c438485d4b70674
SHA256

ab7eea20cc86326130b37b3a2cf7f5bd71ba98ed878a8919760c83302904c4b1
SHA512

5af5c2addfa6dac3b9cf3b683a662ea899f583fa85d3053bb44deaf9fc491c8a51e9db7edaa0be6869bb7e40bc367547e6d9554dea218688739856ed4a85be03
SSDEEP

24576:+KPW9XAGo4yp768ZAGv/65aeGZSTV5gVDW:+NyF6y/JZST/yDW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8da1aa493fc55f808ab87d9c4ec66b1b

Files

8da1aa493fc55f808ab87d9c4ec66b1b
.dll windows:5 windows

8cdb4baf665ed05862aed02d3b707108

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

host.pdb

Imports

kernel32

HeapAlloc
HeapFree
GetModuleHandleExW
LocalFree
FreeLibrary
VirtualAlloc
GetModuleHandleA
LoadLibraryExW
GetCurrentProcess
GetCurrentProcessId
Module32FirstW
Module32NextW
SetLastError
lstrcpyA
lstrcatA
LoadLibraryA
CreateFileW
SetFilePointer
WriteFile
GetFileSize
ReadFile
GetDriveTypeW
FindFirstFileW
FindClose
GetProcessHeap
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
FindNextFileW
DeleteFileW
MoveFileW
MoveFileExW
GetVersionExW
GetTempPathW
ExpandEnvironmentStringsA
VirtualFree
VirtualProtect
LoadLibraryExA
CreateFileA
GlobalFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
ReleaseMutex
LeaveCriticalSection
DeviceIoControl
InterlockedDecrement
ExitProcess
CreateEventW
SetEvent
GetLocalTime
SetEndOfFile
Process32NextW
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
GetTickCount
WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
FreeConsole
Sleep
OutputDebugStringA
CreateThread
CloseHandle
GetProcAddress
LoadLibraryW
InitializeCriticalSectionAndSpinCount
CreateDirectoryW
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
OutputDebugStringW
GetStringTypeW
ReadConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
GetCommandLineA
GetCurrentThreadId
GetLastError
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
GetFileType
GetModuleFileNameW
WriteConsoleW
RaiseException
RtlUnwind
HeapReAlloc
InterlockedIncrement
AreFileApisANSI
HeapSize
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
lstrlenA

user32

DispatchMessageW
GetMessageW
SetTimer

advapi32

GetUserNameA
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameA
SetServiceStatus
RegisterServiceCtrlHandlerW

shell32

ShellExecuteExW

ole32

CoInitializeSecurity
CoCreateInstance
CoTaskMemFree

oleaut32

SysAllocString
VariantClear
SysFreeString
VariantInit

rasapi32

RasEnumConnectionsW

Exports

Exports

ServiceMain

Sections

.text
Size: 659KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8cdb4baf665ed05862aed02d3b707108

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

rasapi32

Exports

Exports

Sections

.text Size: 659KB - Virtual size: 659KB

.rdata Size: 114KB - Virtual size: 113KB

.data Size: 10KB - Virtual size: 22KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 89KB - Virtual size: 89KB

.text
Size: 659KB - Virtual size: 659KB

.rdata
Size: 114KB - Virtual size: 113KB

.data
Size: 10KB - Virtual size: 22KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 89KB - Virtual size: 89KB