06f5120db96e877c969fcff63d2f3ba74a840c078a98d77c6441c550857f243f

Sharing

Copy URL

Twitter E-mail

General

Target

06f5120db96e877c969fcff63d2f3ba74a840c078a98d77c6441c550857f243f
Size

715KB
MD5

22ebb5fd5decac1e661b4f635ae3a386
SHA1

1d713638efe23232af868882145eb5caa1a4f5cd
SHA256

06f5120db96e877c969fcff63d2f3ba74a840c078a98d77c6441c550857f243f
SHA512

d2523e48c7123d0d2d6b54388dbe158670f30bebe31a65bf39b29e3a88d77d5e02d034d2932bc08d69cddf770f9ece64e29e64aa5e43af4674020b6bc6c11801
SSDEEP

12288:/yMhutd7EqHSiqidzOGFEuO3HYSESXTKP9ZCydoBP9hlN0nZ:66qdOGGIS7iy1e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06f5120db96e877c969fcff63d2f3ba74a840c078a98d77c6441c550857f243f

Files

06f5120db96e877c969fcff63d2f3ba74a840c078a98d77c6441c550857f243f
.dll windows:5 windows x64 arch:x64

ba807b875fe192ee237d1588349c8361

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcr100

_onexit
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
__C_specific_handler
_malloc_crt
_amsg_exit
_encoded_null
free
_initterm_e
_ctime64
_time64
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
_cexit
__FrameUnwindFilter
_initterm
_lock

kernel32

GetTickCount
GetCurrentThread
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
Sleep
DecodePointer
EncodePointer
SetThreadAffinityMask

vcomp100

_vcomp_for_static_simple_init
_vcomp_for_static_end
_vcomp_fork

mscoree

_CorDllMain

Sections

.text
Size: 329KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nep
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.wibu
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba807b875fe192ee237d1588349c8361

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100

kernel32

vcomp100

mscoree

Sections

.text Size: 329KB - Virtual size: 329KB

.nep Size: 512B - Virtual size: 96B

.rdata Size: 119KB - Virtual size: 118KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 180B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 84B

.wibu Size: 261KB - Virtual size: 260KB

.text
Size: 329KB - Virtual size: 329KB

.nep
Size: 512B - Virtual size: 96B

.rdata
Size: 119KB - Virtual size: 118KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 180B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 84B

.wibu
Size: 261KB - Virtual size: 260KB