b51e46227d0fa88afef7428733361d02

Sharing

Copy URL Twitter E-mail

General

Target

b51e46227d0fa88afef7428733361d02
Size

348KB
MD5

b51e46227d0fa88afef7428733361d02
SHA1

ec725eac53cd48032800966c62a5135e6e1448ed
SHA256

845396638ce6653ffcff3c6fa2fd15952dcbc87be0ee235eaafbd1df1daa2f8e
SHA512

469bbb27c9968de36e2a421190dffeaf566fc4914d4d12e5cce9a047d0fad3421d59784becd67729ed052ba7b22d4ae5c4bb6e1dbbe503d027027397808a6107
SSDEEP

6144:7y6NDsykPkMG/9JilBlJ7KCg1mLFcRufeO/oE/Bs70etMT:7dNDBkPkHoLKCuW2O/K70T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b51e46227d0fa88afef7428733361d02

Files

b51e46227d0fa88afef7428733361d02
.dll windows:4 windows x86 arch:x86

4b33184380cd87c01043e780e8bd7e1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHDeleteKeyA
SHDeleteKeyW
SHEnumKeyExW
SHCopyKeyA
SHDeleteEmptyKeyA
SHDeleteEmptyKeyW
HashData

kernel32

lstrcmpW
GetFileAttributesW
GetCurrentDirectoryW
GetComputerNameW
Beep
OpenEventA
CreateFileMappingA
CreateNamedPipeA
DeleteFileA
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
GetConsoleMode
GetExitCodeProcess
GetModuleFileNameA
GetModuleHandleA
GetNamedPipeInfo
GetCurrentProcessId
GetStdHandle
GetThreadLocale
GetUserDefaultLCID
GlobalAlloc
IsValidCodePage
IsValidLocale
ReleaseSemaphore
ResetEvent
SetFilePointer
GetStartupInfoA
GetComputerNameA
GetFileType
GetSystemDirectoryW
BackupSeek
lstrcmpA
lstrlenW
lstrlenA
SetCurrentDirectoryA
FlushViewOfFile
GetDriveTypeW
GetWindowsDirectoryW
GetCurrentDirectoryA
CancelIo

ole32

OleRun

user32

ReleaseDC

advapi32

GetUserNameW
RegLoadKeyA

msvcrt

free
toupper
malloc

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

winmm

GetDriverModuleHandle
timeGetDevCaps
SendDriverMessage

Exports

Exports

abc

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pdata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b33184380cd87c01043e780e8bd7e1e

Headers

File Characteristics

Imports

shlwapi

kernel32

ole32

user32

advapi32

msvcrt

version

winmm

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 292KB - Virtual size: 290KB

pdata Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 768B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 292KB - Virtual size: 290KB

pdata
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 768B

.reloc
Size: 4KB - Virtual size: 1KB