dc1eb56e51414e509958dda6dfd1f0f5

Sharing

Copy URL

Twitter E-mail

General

Target

dc1eb56e51414e509958dda6dfd1f0f5
Size

188KB
MD5

dc1eb56e51414e509958dda6dfd1f0f5
SHA1

741d1ff6fe5babb6b0b7fc408be6327d43abee23
SHA256

281126712086225346c0867cf2587a785e3662254d109e844f723d0b30f0d80b
SHA512

a0aed0df9d69e47f27e0e97e84e7dc6b0fd061bd11d7a1a6c190da3e409c8c5a9c0b5acc8f96ae3278e8d38a6abb268ce02267bacc18a5faa2a9dd50d3538d1e
SSDEEP

3072:6A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoro:6zIqATVfQeV2FZalKq6jtGJWuTmd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

dc1eb56e51414e509958dda6dfd1f0f5

resource
dc1eb56e51414e509958dda6dfd1f0f5

Files

dc1eb56e51414e509958dda6dfd1f0f5
.dll windows:5 windows x86 arch:x86

e14682cd580b5bc2ebf0ee1ec113cb1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupLogErrorW

esent

JetEndSession

msvcrt

iswlower
memset

user32

ImpersonateDdeClientWindow
ShowOwnedPopups

winmm

waveOutGetNumDevs

gdi32

StretchBlt

mprapi

MprAdminGetErrorString

rpcrt4

RpcBindingSetAuthInfoExW

wintrust

CryptSIPCreateIndirectData

rasapi32

RasDeleteEntryW

oleaut32

VarUdateFromDate
BSTR_UserFree

kernel32

GetModuleHandleA
GetModuleFileNameW
WriteFile
GetTempPathA
GetModuleHandleW
EndUpdateResourceA
VirtualProtect
TransactNamedPipe
DebugBreak
SetDefaultCommConfigA

shlwapi

StrCmpNW
ChrCmpIA

advapi32

RegLoadAppKeyA
FreeSid
CreateServiceW

Exports

Exports

LosskiwFpponf

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e14682cd580b5bc2ebf0ee1ec113cb1f

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

esent

msvcrt

user32

winmm

gdi32

mprapi

rpcrt4

wintrust

rasapi32

oleaut32

kernel32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 132KB - Virtual size: 129KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 132KB - Virtual size: 129KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB