9852264b03c9faac2c7fcb0ff94d7c39

Sharing

Copy URL Twitter E-mail

General

Target

9852264b03c9faac2c7fcb0ff94d7c39
Size

292KB
MD5

9852264b03c9faac2c7fcb0ff94d7c39
SHA1

eb7be0c41ef225436873505b665071d6cbc8eee9
SHA256

42f9b522ee72656a54bf8da4040f2048a0c2aa21f7cc5a2a36607d182eebde58
SHA512

aec1fc7d87b7252fd5221bbe00d068cf4b9f1a519b11f3c1c1cd357e4db6ed4473a19c5f0fdf57bec5494636422468de9cd62857f3cd243de4e6c312e7bd4ca0
SSDEEP

6144:WRW7plOSpk09Z63+W1uLtc08pJYeQCc/z1G:Wwj8voLR8ovRG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9852264b03c9faac2c7fcb0ff94d7c39

Files

9852264b03c9faac2c7fcb0ff94d7c39
.dll windows:4 windows x86 arch:x86

07be3823f3adc6b3ae65fedf5cdf06cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\cbs\build\1176889230\in\cadi\Src\dbacs\Release\unicode\DBACSU.pdb

Imports

kernel32

lstrlenW
lstrcpyW
lstrcmpW
WaitForSingleObject
ReleaseMutex
CreateMutexW
lstrcatW
CloseHandle
SetFilePointer
LockFile
UnlockFile
ReadFile
CreateFileW
GetFileSize
FlushFileBuffers
WriteFile
OpenFileMappingW
VirtualQuery
MapViewOfFile
CreateFileMappingW
GetLastError
UnmapViewOfFile
FlushViewOfFile
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
RaiseException
ExitProcess
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
GetTimeZoneInformation
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

CreateDevRegInstance

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sVBDFil
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sVBDFil
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sCRegis
Size: 4KB - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

07be3823f3adc6b3ae65fedf5cdf06cc

Headers

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 10KB

.sVBDFil Size: 8KB - Virtual size: 4KB

.sVBDFil Size: 8KB - Virtual size: 4KB

.sCRegis Size: 4KB - Virtual size: 352B

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text Size: 112KB - Virtual size: 112KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 10KB

.sVBDFil
Size: 8KB - Virtual size: 4KB

.sVBDFil
Size: 8KB - Virtual size: 4KB

.sCRegis
Size: 4KB - Virtual size: 352B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 112KB - Virtual size: 112KB