dfd6fdcdc90a1f8907d249fc9b6d032d

Sharing

Copy URL

Twitter E-mail

General

Target

dfd6fdcdc90a1f8907d249fc9b6d032d
Size

4.5MB
MD5

dfd6fdcdc90a1f8907d249fc9b6d032d
SHA1

9b4022f3d520bda31550cee025b78b5ffce93897
SHA256

0798aa4530a71438af836a7829f2ff9b520ae9206aa1576b32661b8f465596bd
SHA512

94fd655dff000e9ca642833bfcc164b3019221fe23035cf42de1492a60793a929ee7be89368ca3d6bea44b76470280a206ccf802757ab120e77c44141afbd03a
SSDEEP

49152:gpbFMJuNXaKiCJfzvO62j5evN98HALcFcqMgETTGWVIRe9B3CQAeTPjfhQnYJNzS:atl7q5eIZFMgZRRIN7xtlKJL+xxtk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfd6fdcdc90a1f8907d249fc9b6d032d

Files

dfd6fdcdc90a1f8907d249fc9b6d032d
.exe windows:5 windows x86 arch:x86

ea330f4c222fa3aa0f676a54212240f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LocalHandle
lstrlenW
CreateJobObjectA
GetProcAddress
FreeUserPhysicalPages
GetModuleHandleA
EnumDateFormatsW
GetCurrentThreadId
GetCurrentProcessId
ResetWriteWatch

ntdll

RtlAddVectoredExceptionHandler
RtlRemoveVectoredExceptionHandler

Sections

K
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

l
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

K
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

K
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

K
Size: 2KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

VzW
Size: 130KB - Virtual size: 128KB

IMAGE_SCN_MEM_READ

sCV
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ijW
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wll
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mpo
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dUi
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea330f4c222fa3aa0f676a54212240f6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

Sections

K Size: 2KB - Virtual size: 4KB

l Size: 2KB - Virtual size: 4KB

K Size: 2KB - Virtual size: 4KB

.tls Size: 2KB - Virtual size: 4KB

K Size: 2KB - Virtual size: 4KB

.RSRC Size: 1.8MB - Virtual size: 1.8MB

K Size: 2KB - Virtual size: 1.7MB

VzW Size: 130KB - Virtual size: 128KB

sCV Size: 14KB - Virtual size: 12KB

ijW Size: 14KB - Virtual size: 12KB

wll Size: 14KB - Virtual size: 12KB

mpo Size: 14KB - Virtual size: 12KB

dUi Size: 14KB - Virtual size: 12KB

K
Size: 2KB - Virtual size: 4KB

l
Size: 2KB - Virtual size: 4KB

K
Size: 2KB - Virtual size: 4KB

.tls
Size: 2KB - Virtual size: 4KB

K
Size: 2KB - Virtual size: 4KB

.RSRC
Size: 1.8MB - Virtual size: 1.8MB

K
Size: 2KB - Virtual size: 1.7MB

VzW
Size: 130KB - Virtual size: 128KB

sCV
Size: 14KB - Virtual size: 12KB

ijW
Size: 14KB - Virtual size: 12KB

wll
Size: 14KB - Virtual size: 12KB

mpo
Size: 14KB - Virtual size: 12KB

dUi
Size: 14KB - Virtual size: 12KB