dc7042d67c1188d249b34cf248b2f71bd9bf2126536ed306b12fa73e03c097bb

Sharing

Copy URL

Twitter E-mail

General

Target

dc7042d67c1188d249b34cf248b2f71bd9bf2126536ed306b12fa73e03c097bb
Size

282KB
MD5

b077e71f22eb60aebdc1342eeceff1d1
SHA1

f171f755c5fe700a998e83fcc9f892a600a54740
SHA256

dc7042d67c1188d249b34cf248b2f71bd9bf2126536ed306b12fa73e03c097bb
SHA512

74434557db77798dd0b0c52adbc2f6cfd2cc1166efccb7a6f032d84bad2e4ba1080c5b047c7c2850796e960419fd10f8cd7b5f5bd9a550559f10a124550bfd27
SSDEEP

3072:Y7F4hL13ian1smXYYyPhPZ9BrFsyAN56ajTfWAio+KDVqGG3zRBgoEs:tLRHn1smIRSyM6afWAiohPG3lB3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc7042d67c1188d249b34cf248b2f71bd9bf2126536ed306b12fa73e03c097bb

Files

dc7042d67c1188d249b34cf248b2f71bd9bf2126536ed306b12fa73e03c097bb
.dll windows:6 windows x86 arch:x86

98a0176cb5c06fe312db50539c2851a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\UserData\Feidesktop\ARTFAPI\Output\AtrfWLAN.pdb

Imports

kernel32

ReleaseMutex
CreateMutexA
WaitForSingleObject
FreeLibrary
LoadLibraryA
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
DisableThreadLibraryCalls

atrfcommon

Atrf_Error_Instance_Get
Atrf_IO_ExecuteDir_Get
Atrf_Scpi_Transmit
Atrf_Error_Set
Atrf_Error_Clear
Atrf_Error_ErrCode_Get
Atrf_Error_ErrMsgLength_Get
log_write
Atrf_Error_ErrMsg_Get

msvcr120

fopen
fread
ftell
fseek
strtok_s
sprintf_s
atof
printf
fputc
fwrite
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
strstr
strtod
??2@YAPAXI@Z
??3@YAXPAX@Z
sprintf
strncpy
malloc
free
fclose
_CIatan2
_libm_sse2_cos_precise
_libm_sse2_log10_precise
_libm_sse2_log_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
memcpy
memset

Exports

Exports

AtrfWLan_Init
AtrfWLan_LastErrCode_Get
AtrfWLan_Release
AtrfWLan_Version_Get
AtrfWlan_LastErrMsgLength_Get
AtrfWlan_LastErrMsg_Get
AtrfWlan_LastErr_Get

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 683.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98a0176cb5c06fe312db50539c2851a5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

atrfcommon

msvcr120

Exports

Exports

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 89KB - Virtual size: 89KB

.data Size: 512B - Virtual size: 683.9MB

_RDATA Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 89KB - Virtual size: 89KB

.data
Size: 512B - Virtual size: 683.9MB

_RDATA
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 21KB - Virtual size: 20KB