f585cd70afbe844054ea8c23b0ad0d7ad514bfcd128d14c791f6d1e5b115f21f

Sharing

Copy URL Twitter E-mail

General

Target

f585cd70afbe844054ea8c23b0ad0d7ad514bfcd128d14c791f6d1e5b115f21f
Size

49KB
MD5

1715f2b1ea5ce3c279f13a347f365548
SHA1

33624727e050ffcebb9db2013cd383dfacebc458
SHA256

f585cd70afbe844054ea8c23b0ad0d7ad514bfcd128d14c791f6d1e5b115f21f
SHA512

7d51e2dfad285317ef9e270bb3214e816d105b8d7e46311e937cea06488bf53b89d96cb83e5a04d4b239f0edc5a1ee9d4d694d3889da1ca89179960a726ec232
SSDEEP

1536:eXNUYeJTc2Mf/erY2N2PuPIJdQgIl+Ns:YNUY+Tc/erY2N+AIJdQgIl+S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f585cd70afbe844054ea8c23b0ad0d7ad514bfcd128d14c791f6d1e5b115f21f

Files

f585cd70afbe844054ea8c23b0ad0d7ad514bfcd128d14c791f6d1e5b115f21f
.dll windows:6 windows x86 arch:x86

ee0ac077d1af1506c955d0aa1718d813

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Unity-Injector-master\Release\proxy.pdb

Imports

kernel32

DisableThreadLibraryCalls
CreateThread
GetModuleHandleA
GetProcAddress
FreeLibrary
GetProcessHeap
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
GetLastError
RaiseException
IsDebuggerPresent
DecodePointer
EncodePointer
VirtualQuery
VirtualFree
VirtualAlloc
Thread32Next
Thread32First
CreateToolhelp32Snapshot
GetModuleHandleW
VirtualProtect
FlushInstructionCache
SetThreadContext
GetThreadContext
ResumeThread
SuspendThread
OpenThread
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
Sleep
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
HeapCreate
CloseHandle
GetModuleFileNameW

msvcp120

??0?$codecvt@_WDH@std@@QAE@I@Z
?id@?$codecvt@DDH@std@@2V0locale@2@A
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?id@?$codecvt@_WDH@std@@2V0locale@2@A
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDH@std@@QBEHAAHPAD1AAPAD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?out@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDH@std@@QBEHAAHPBD1AAPBDPAD3AAPAD@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?in@?$codecvt@_WDH@std@@QBEHAAHPBD1AAPBDPA_W3AAPA_W@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??_7_Facet_base@std@@6B@
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_BADOFF@std@@3_JB
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
??_7facet@locale@std@@6B@
?_Winerror_map@std@@YAPBDH@Z
??_7codecvt_base@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
?_Incref@facet@locale@std@@UAEXXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@H@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??Bid@locale@std@@QAEIXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?always_noconv@codecvt_base@std@@QBE_NXZ

msvcr120

_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
?terminate@@YAXXZ
__clean_type_info_names_internal
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
??1type_info@@UAE@XZ
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
memcpy
fclose
??0bad_cast@std@@QAE@PBD@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@ABV01@@Z
fflush
setvbuf
fsetpos
fgetpos
_fseeki64
memcpy_s
fgetc
ungetc
fwrite
fputc
_unlock_file
_lock_file
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??2@YAPAXI@Z
??3@YAXPAX@Z
_purecall
memmove
memset
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
__CxxFrameHandler3

Exports

Exports

?LoadAssembly@@YAXPAUassembly_params@@@Z

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee0ac077d1af1506c955d0aa1718d813

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcp120

msvcr120

Exports

Exports

Sections

.text Size: 31KB - Virtual size: 31KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 31KB - Virtual size: 31KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 3KB - Virtual size: 2KB