b8100ac7f49560c90e652a11624c08a8

General

Target

b8100ac7f49560c90e652a11624c08a8
Size

95KB
MD5

b8100ac7f49560c90e652a11624c08a8
SHA1

6fc0d8d92a6e77d4b31cd4b6116bfa9e48585949
SHA256

341a240b66dd9ff4ab13342e449ed3e7731482d40613ec35fc30e6df5bce9c29
SHA512

9f1821912d2c35d50f94da2e7cc6c114bf611f9c86d43eb2e3181111c1171041082a463c6121842b8a6b0040b1ffc432d3cd940dc46c9bc47d2b228a75343cb2
SSDEEP

1536:iAnk4shzoW29JNYmmfAogDR2sNRSQ9YAOz+jMZPeERFaysktck0:iWqq9JNY9fZgl2sNbKesWERp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8100ac7f49560c90e652a11624c08a8

Files

b8100ac7f49560c90e652a11624c08a8
.dll windows:4 windows x86 arch:x86

f836536568d36211aaeb07a6d8fcaaeb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsGetValue
HeapAlloc
HeapFree
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
lstrlenA
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
GetStringTypeA
GetStringTypeW
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Exports

Exports

InstallPlugin
PluginVersion
TerminatePlugin

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 974B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 15KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f836536568d36211aaeb07a6d8fcaaeb

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 1024B - Virtual size: 974B

.data Size: 15KB - Virtual size: 21KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 1024B - Virtual size: 974B

.data
Size: 15KB - Virtual size: 21KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB