1f80291e2899b578b75e2574f34f6c0a11e65865ddbcc94bc9f7c6b402a0908c

Sharing

Copy URL Twitter E-mail

General

Target

1f80291e2899b578b75e2574f34f6c0a11e65865ddbcc94bc9f7c6b402a0908c
Size

83KB
MD5

b9cc827ef606e15fd45aaa3561e67c94
SHA1

c67724e9f98dc0161afe42b944bf036a9a5bec81
SHA256

1f80291e2899b578b75e2574f34f6c0a11e65865ddbcc94bc9f7c6b402a0908c
SHA512

c9255d292abefbfa986a37ff4e1c9c23840814f8250f73a8e9f2c4e9e8528f1fd81c34ac74ecba745413a651c369ee20a8cd163ed2dd074ce75fd2be013c33d2
SSDEEP

1536:5ZSrNnXJbI7k4Q0dNgUnOlwN9bq9TmUORJaKyTO7CA2Fz24moB/j:2rNnXJbIw4djgUtN9bq9IaKf7oF9moZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1f80291e2899b578b75e2574f34f6c0a11e65865ddbcc94bc9f7c6b402a0908c

Files

1f80291e2899b578b75e2574f34f6c0a11e65865ddbcc94bc9f7c6b402a0908c
.dll windows:4 windows x86 arch:x86

4adaa8a0d5aecb7ea76e6c3ab09da40e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapCreate
VirtualFree
SetHandleCount
SetStdHandle
CloseHandle
SetFilePointer
LoadLibraryA
VirtualAlloc
FlushFileBuffers
HeapAlloc
HeapFree
LeaveCriticalSection
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
HeapDestroy
lstrcpyA
EnterCriticalSection
GetFileType
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
InitializeCriticalSection

ltkrn10n

ord174
ord189
ord188
ord192
ord179
ord166
ord190
ord191

lffax10n

ord201
ord200

Exports

Exports

DllMain
fltDeletePage
fltInfo
fltLoad
fltSave

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4adaa8a0d5aecb7ea76e6c3ab09da40e

Headers

File Characteristics

Imports

kernel32

ltkrn10n

lffax10n

Exports

Exports

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 8KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.rmnet Size: 56KB - Virtual size: 60KB

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 8KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.rmnet
Size: 56KB - Virtual size: 60KB