dee91f88ae41f34b0f77b4ffd69fa6bc

General

Target

dee91f88ae41f34b0f77b4ffd69fa6bc
Size

125KB
MD5

dee91f88ae41f34b0f77b4ffd69fa6bc
SHA1

b21a5386c1d7ee03c9f48fde835113e2993c02ef
SHA256

348123a6db22af896ff7a7188c71a5c4644b867426626389c75851d8a3645804
SHA512

69ee827daf86f674d9d65fd89162d1da024bec64df2cb6d4fa5844e8eb3a8cc28efdbf67096a894cd39dd2a899a02b7fb68d165db2fa8556094158168216c6d0
SSDEEP

1536:gVSoUSUcr9Yoo1Ncu/owlnyqou9fH9bkrs4boc:MQa9Yoov35nyqouNz4boc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dee91f88ae41f34b0f77b4ffd69fa6bc

Files

dee91f88ae41f34b0f77b4ffd69fa6bc
.dll windows:4 windows x86 arch:x86

a6fa87221e3172c0ba3cc6b506e3bc90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceA
lstrlenA
LoadResource
GetStringTypeW
GetStringTypeA
SizeofResource
GetWindowsDirectoryA
CreateFileA
CloseHandle
HeapAlloc
HeapFree
RtlUnwind
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetLastError
WriteFile
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
FlushFileBuffers
SetFilePointer
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW

user32

SetTimer

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegSetValueExA

Exports

Exports

_DllMain@12

Sections

.data
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SDATA
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6fa87221e3172c0ba3cc6b506e3bc90

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.data Size: 43KB - Virtual size: 42KB

.SDATA Size: 512B - Virtual size: 16B

.rsrc Size: 78KB - Virtual size: 77KB

.reloc Size: 2KB - Virtual size: 2KB

.data
Size: 43KB - Virtual size: 42KB

.SDATA
Size: 512B - Virtual size: 16B

.rsrc
Size: 78KB - Virtual size: 77KB

.reloc
Size: 2KB - Virtual size: 2KB