dcc81448c6c616163d420628232cff928583f7326cbb2304e02ff236ed16f324

General

Target

dcc81448c6c616163d420628232cff928583f7326cbb2304e02ff236ed16f324
Size

1.6MB
MD5

6805483db7959c39be29b74d9d69a8b8
SHA1

727c095dd6b87c9f8486f37cdca8c7884a2462ce
SHA256

dcc81448c6c616163d420628232cff928583f7326cbb2304e02ff236ed16f324
SHA512

be15e73da0b7fcd73dbd0a07a9a744f779f2e66b5961efc5b98d6c0182188769440e54d0a6fa31d99a947978379d784630b3cd51d8077a51c9ae0e29ea59660f
SSDEEP

49152:l1DJM8uq/H1oEei4JrkdD89hc7c1J/I98Ahp:ljM8j1+iyUQ9Kg1I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dcc81448c6c616163d420628232cff928583f7326cbb2304e02ff236ed16f324

Files

dcc81448c6c616163d420628232cff928583f7326cbb2304e02ff236ed16f324
.dll windows:5 windows x86 arch:x86

6cce9063e09e38920ae5d864beffd21c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey

msacm32

acmDriverClose

kernel32

GetBinaryTypeW
GetProcessShutdownParameters
UnhandledExceptionFilter
GetModuleFileNameW
SetTapePosition
GetProcessTimes
GetNumberOfConsoleInputEvents
GetCurrentThreadId
GetFileSize
GetModuleFileNameA
EnterCriticalSection
Process32FirstW
GetQueuedCompletionStatus

msvcrt

memset

gdi32

PaintRgn
SetTextAlign
SetMapperFlags
SaveDC
StrokePath

shlwapi

StrFormatByteSizeA

user32

ValidateRgn
GetMenu
SetCursorPos
RegisterClassExW
GetScrollInfo

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 628KB - Virtual size: 625KB

IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

W7
Size: 532KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xCv9q
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cce9063e09e38920ae5d864beffd21c

Headers

File Characteristics

Imports

advapi32

msacm32

kernel32

msvcrt

gdi32

shlwapi

user32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 628KB - Virtual size: 625KB

.data Size: 88KB - Virtual size: 85KB

W7 Size: 532KB - Virtual size: 528KB

xCv9q Size: 380KB - Virtual size: 377KB

.rsrc Size: 4KB - Virtual size: 880B

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 628KB - Virtual size: 625KB

.data
Size: 88KB - Virtual size: 85KB

W7
Size: 532KB - Virtual size: 528KB

xCv9q
Size: 380KB - Virtual size: 377KB

.rsrc
Size: 4KB - Virtual size: 880B

.reloc
Size: 12KB - Virtual size: 10KB