f562ac7e7b33e1f2da92570705c5a8a0370c2b9ba4cf820b57aab8bc59fbdf93

Sharing

Copy URL Twitter E-mail

General

Target

f562ac7e7b33e1f2da92570705c5a8a0370c2b9ba4cf820b57aab8bc59fbdf93
Size

624KB
MD5

ee93d580196cb23dd6f2fd40793b6675
SHA1

f1300cf96ff3e431f051c6e45797bb37b9bb1119
SHA256

f562ac7e7b33e1f2da92570705c5a8a0370c2b9ba4cf820b57aab8bc59fbdf93
SHA512

775bbc6a8d33753837a1a364983255d0d20102950356c163121dc0a63e523d4e511d8afcfc0dfd6086d85d1ff6ea0d51cf045c59fc33c6f17e592fc9428695b5
SSDEEP

12288:CcxJCN8rsvhupO0Ff+1X0/e6Y182uUkF38MGOHhEu6YUfL:CMrsvZwIX0A14NE0UfL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f562ac7e7b33e1f2da92570705c5a8a0370c2b9ba4cf820b57aab8bc59fbdf93

Files

f562ac7e7b33e1f2da92570705c5a8a0370c2b9ba4cf820b57aab8bc59fbdf93
.dll windows:5 windows x64 arch:x64

64e926090cd437f1f7860f274f82eeb4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcr100

_onexit
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
__C_specific_handler
_amsg_exit
_malloc_crt
_encoded_null
free
_initterm_e
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_cexit
__FrameUnwindFilter
_initterm
_lock

kernel32

GetCurrentThreadId
GetCurrentThread
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
Sleep
DecodePointer
EncodePointer
SetThreadAffinityMask

vcomp100

_vcomp_for_static_simple_init
_vcomp_for_static_end
_vcomp_fork

mscoree

_CorDllMain

Sections

.text
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nep
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.wibu
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64e926090cd437f1f7860f274f82eeb4

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100

kernel32

vcomp100

mscoree

Sections

.text Size: 208KB - Virtual size: 208KB

.nep Size: 512B - Virtual size: 48B

.rdata Size: 132KB - Virtual size: 132KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 512B - Virtual size: 180B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 48B

.wibu Size: 278KB - Virtual size: 278KB

.text
Size: 208KB - Virtual size: 208KB

.nep
Size: 512B - Virtual size: 48B

.rdata
Size: 132KB - Virtual size: 132KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 512B - Virtual size: 180B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 48B

.wibu
Size: 278KB - Virtual size: 278KB