PDB path: E:\dev\ᛋᛋ\upd2704_vs2022_project\Release\upd2704_vs2022_project.pdb
Static task
static1
Behavioral task
behavioral1
Sample
43b61ecac28c858a8c2707f0285e9aab35963b04b636ccbd759ef3b76938eacf.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
43b61ecac28c858a8c2707f0285e9aab35963b04b636ccbd759ef3b76938eacf.dll
Resource
win10v2004-20240226-en
General
Target
43b61ecac28c858a8c2707f0285e9aab35963b04b636ccbd759ef3b76938eacf
Size
64KB
MD5
4f4ed4c245b71b4199af6bb405ffb048
SHA1
a28c229491ab3c0087517d7bed898647606e525e
SHA256
43b61ecac28c858a8c2707f0285e9aab35963b04b636ccbd759ef3b76938eacf
SHA512
d31c9b493129f8d200a749c487af3605170f8524bd4e7087e7401e7f9885389b2a85c03fdd9abdcf592bdf88a37dbced735e9992aba6e2771435fd1d2b2508aa
SSDEEP
1536:yH80ahyiPJb4amnWZT1ugq/blJJuh59LrCrE2o+66L:+80aciPJb4amnj7/bljuh59Co2o+6
Malware Config
Signatures
Unsigned PE 1 IoCs
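Checks for missing Authenticode signature. The absence of a signature is a weak indicator on its own, since many legitimate binaries are also unsigned; weigh it together with the other findings in this report.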
resource 43b61ecac28c858a8c2707f0285e9aab35963b04b636ccbd759ef3b76938eacf
Files
43b61ecac28c858a8c2707f0285e9aab35963b04b636ccbd759ef3b76938eacf.dll windows:6 windows x86 arch:x86
50cdbaebb187ee07ab6b6a2584c05c79
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
crypt32
CertNameToStrA
CertGetIssuerCertificateFromStore
CertCloseStore
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertOpenSystemStoreA
CertFreeCertificateContext
CertGetCertificateChain
CertFindChainInStore
secur32
DecryptMessage
FreeContextBuffer
ApplyControlToken
QueryContextAttributesA
EncryptMessage
AcquireCredentialsHandleA
DeleteSecurityContext
InitializeSecurityContextA
FreeCredentialsHandle
kernel32
InitializeSListHead
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
IsDebuggerPresent
GetProcAddress
GetModuleFileNameA
VirtualProtect
GetCurrentProcess
VirtualAlloc
lstrcmpA
TerminateProcess
LoadLibraryA
K32GetModuleInformation
FreeLibrary
lstrcmpiW
MoveFileExA
CreateThread
WriteFile
Sleep
GetFileAttributesA
CreateFileA
CloseHandle
WinExec
OutputDebugStringA
lstrlenA
GlobalFree
MultiByteToWideChar
GetLastError
CreateMutexW
GetCommandLineA
DisableThreadLibraryCalls
GlobalAlloc
GetModuleHandleW
WideCharToMultiByte
OpenMutexW
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetModuleHandleA
UnhandledExceptionFilter
user32
MessageBoxA
advapi32
RegQueryValueExA
RegOpenKeyExA
vcruntime140
_CxxThrowException
__std_exception_destroy
memset
_except_handler4_common
memcmp
memchr
memcpy
__std_exception_copy
__std_type_info_destroy_list
__RTtypeid
__std_type_info_name
strrchr
strchr
strstr
__CxxFrameHandler3
api-ms-win-crt-heap-l1-1-0
malloc
_callnewh
realloc
free
api-ms-win-crt-stdio-l1-1-0
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vfprintf
fclose
tmpfile
ftell
feof
fopen
fwrite
__acrt_iob_func
fseek
fflush
fread
api-ms-win-crt-string-l1-1-0
strncmp
_strnicmp
isalnum
strncpy
_strdup
isdigit
_stricmp
api-ms-win-crt-time-l1-1-0
_ctime64
_time64
api-ms-win-crt-convert-l1-1-0
atoi
_itoa
api-ms-win-crt-runtime-l1-1-0
_cexit
_beginthread
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_exit
Sections
.text Size: 47KB - Virtual size: 46KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ