a295ccb79ecdb88400b2b528d91d3dc1277a4d89b3ff2cde990a8360d68de1f7

Sharing

Copy URL Twitter E-mail

General

Target

a295ccb79ecdb88400b2b528d91d3dc1277a4d89b3ff2cde990a8360d68de1f7
Size

564KB
MD5

2dad66d6cdbadc583ac09391a6c3467a
SHA1

64a3e817c182ad9859d37ba65988e3355f885747
SHA256

a295ccb79ecdb88400b2b528d91d3dc1277a4d89b3ff2cde990a8360d68de1f7
SHA512

0c82ae07bedc7f20e4bf291ce7461cfcf28207daf051cdf80adf9b55b9ef0cdd4a70ce28e663576d1154ce87ced195e7670423045f8ff0a685f0fd79e00a3ae7
SSDEEP

3072:okZnOLsTCnBYLDhFClkREBdD8ABG7Niy9YpBT/t27U4:F2sTC6vClSuv8iBT/t244

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a295ccb79ecdb88400b2b528d91d3dc1277a4d89b3ff2cde990a8360d68de1f7

Files

a295ccb79ecdb88400b2b528d91d3dc1277a4d89b3ff2cde990a8360d68de1f7
.dll windows:4 windows x86 arch:x86

c1de7ff123d7c34a32e45d2a3897eeae

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyA

mfc42

ord926
ord4204
ord665
ord1979
ord3318
ord5186
ord354
ord801
ord6143
ord541
ord922
ord5710
ord5683
ord5861
ord5442
ord924
ord4129
ord668
ord1567
ord6385
ord353
ord268
ord3181
ord2764
ord3178
ord2781
ord2770
ord356
ord2614
ord5572
ord2915
ord538
ord4278
ord939
ord941
ord1200
ord2818
ord535
ord858
ord803
ord540
ord537
ord860
ord543
ord3584
ord1182
ord823
ord342
ord1253
ord800
ord825
ord1168
ord5773

msvcrt

strerror
_errno
memmove
_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_mbsstr
mbtowc
strtol
wctomb
_mbsnbcmp
_mbschr
_mbclen
_mbsnbcpy
fwrite
_mbsnbicmp
exit
_ftol
sprintf
malloc
fread
_iob
fflush
free
_fcloseall
fseek
ftell
strtok
atol
_mbscmp
fopen
fgets
fputc
__CxxFrameHandler
_purecall
strstr
fclose

kernel32

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateFileA
FreeLibrary
GetProcAddress
LoadLibraryA
FindClose
FindFirstFileA
DeleteFileA
SetLastError
GetVersionExA
DeviceIoControl
WriteFile
SetFilePointer
GetLastError
GetModuleFileNameA
CreateDirectoryA
Sleep
OutputDebugStringA
GetTickCount

user32

MessageBoxA

msvcp60

?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z

Exports

Exports

LoadMagicDLDll
UnloadMagicDLDll

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 448KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1de7ff123d7c34a32e45d2a3897eeae

Headers

File Characteristics

Imports

setupapi

mfc42

msvcrt

kernel32

user32

msvcp60

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 448KB - Virtual size: 446KB

.rsrc Size: 4KB - Virtual size: 976B

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 448KB - Virtual size: 446KB

.rsrc
Size: 4KB - Virtual size: 976B

.reloc
Size: 8KB - Virtual size: 6KB