aad4dddc5b127167f396dc00a115eebb

General

Target

aad4dddc5b127167f396dc00a115eebb
Size

255KB
MD5

aad4dddc5b127167f396dc00a115eebb
SHA1

84928b9475fb8b5a179797ad919c39736f1f2b32
SHA256

bf0f69f926bbbabba866c51be94c90e0d0999356931657a6471410b6dc418618
SHA512

326c35ec2bea22faa98e8deb289b14f0a77642308671298c6e1bbf5f600f1f794484a7361c0dd521c6fceed1cd2deb59ec77f46bac6037fb04d1d09a94ba06d7
SSDEEP

6144:LnY02I5rDkVmGOydOjlY2ljts9zoGbBXgfsKuyKef:LYJYrDcLEY2ERbtI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aad4dddc5b127167f396dc00a115eebb

Files

aad4dddc5b127167f396dc00a115eebb
.dll regsvr32 windows:5 windows x86 arch:x86

db5e0345401947c99c6eaca45ab11831

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapFree
GetProcessHeap
GetLastError
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
RtlUnwind
VirtualAlloc
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

user32

MessageBoxA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db5e0345401947c99c6eaca45ab11831

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 95KB - Virtual size: 94KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 145KB - Virtual size: 147KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 95KB - Virtual size: 94KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 145KB - Virtual size: 147KB

.reloc
Size: 5KB - Virtual size: 4KB