d8a8dcde7a9f7b1958f160d9e04737739c9118ea20cbe5405a9f0c154435d86f

Sharing

Copy URL

Twitter E-mail

General

Target

d8a8dcde7a9f7b1958f160d9e04737739c9118ea20cbe5405a9f0c154435d86f
Size

152KB
MD5

8f1d1afaf3d0b84620ac4ee82868b111
SHA1

2cf0afd93cf2806b0e4dbc0a8820508f1adb5a67
SHA256

d8a8dcde7a9f7b1958f160d9e04737739c9118ea20cbe5405a9f0c154435d86f
SHA512

2adfa6ef82646fdcce5313a954975cfc44b96358ad32af3cd118af35d0cf8c6bb8c73022f7221150312446e02d1abe4823ac425114b673e8d7f59808d7ba8055
SSDEEP

3072:+Xyxum6XqmeJtY/VSSmZ1QAT25omGiDTKWb95C51jnWb1VOZ47vm2E+RLxwJlu:+ixr5bVSmfQg25zvDTfb95ajs1VO670u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d8a8dcde7a9f7b1958f160d9e04737739c9118ea20cbe5405a9f0c154435d86f

Files

d8a8dcde7a9f7b1958f160d9e04737739c9118ea20cbe5405a9f0c154435d86f
.dll windows:4 windows x86 arch:x86

ac79b1861cf5da0c9d8ed6e84c90ec97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord825
ord389
ord6059
ord3229
ord5204
ord5808
ord1988
ord690
ord5356
ord800
ord540
ord772
ord500
ord823

msvcrt

strstr
malloc
free
wcscat
time
localtime
strftime
vsprintf
sprintf
__CxxFrameHandler
sscanf
strncpy
strchr
srand
rand
atoi
strcspn
_except_handler3
_CxxThrowException
tolower
toupper
_mbsicmp
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
strrchr
_strcmpi
wcslen

kernel32

FreeLibrary
LocalAlloc
LocalFree
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileInformationByHandle
FileTimeToSystemTime
SystemTimeToFileTime
FormatMessageA
GetLocalTime
lstrcatA
DeviceIoControl
InterlockedIncrement
InterlockedExchange
CreateMutexA
ReleaseMutex
SetLastError
WinExec
GetSystemDirectoryA
GetLastError
MultiByteToWideChar
GlobalMemoryStatusEx
GetSystemDefaultUILanguage
GetVersionExA
GlobalAlloc
GlobalFree
VirtualQueryEx
ReadProcessMemory
CreateDirectoryA
WriteProcessMemory
GetSystemInfo
InterlockedDecrement
GetFileSize
ReadFile
lstrcpyA
LoadLibraryA
GetProcAddress
CloseHandle
WriteFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetCurrentProcess
WideCharToMultiByte
WaitForSingleObject
CreateThread
GetCurrentProcessId
TerminateProcess
OpenProcess
GetTickCount
MoveFileExA
DeleteFileA
Sleep
lstrlenA
RaiseException
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

msvcp60

?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

SSL_clear

Sections

.text
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pn0
Size: - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pn1
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac79b1861cf5da0c9d8ed6e84c90ec97

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

msvcp60

Exports

Exports

Sections

.text Size: - Virtual size: 68KB

.rdata Size: - Virtual size: 14KB

.data Size: - Virtual size: 24KB

.pn0 Size: - Virtual size: 85KB

.pn1 Size: 132KB - Virtual size: 131KB

.reloc Size: 4KB - Virtual size: 132B

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: - Virtual size: 68KB

.rdata
Size: - Virtual size: 14KB

.data
Size: - Virtual size: 24KB

.pn0
Size: - Virtual size: 85KB

.pn1
Size: 132KB - Virtual size: 131KB

.reloc
Size: 4KB - Virtual size: 132B

.rsrc
Size: 12KB - Virtual size: 9KB