4505248d27199e7c10fa01892ce0d72a06b21e5c1071c3d496d0e43fcde80eb6

Sharing

Copy URL Twitter E-mail

General

Target

4505248d27199e7c10fa01892ce0d72a06b21e5c1071c3d496d0e43fcde80eb6
Size

2.2MB
MD5

b1a64f1d9b44114a48a084fc0f7613ee
SHA1

0bc2772ec028599a37ffdcdfc81de8757d477233
SHA256

4505248d27199e7c10fa01892ce0d72a06b21e5c1071c3d496d0e43fcde80eb6
SHA512

eddb416fd4400f90a528b0c971684b584375166f417f40bf8245903a57b36ecaa891af1c15cd0d0867ebffceb543559dd305e3b3025f82fb3be5f00e1891fc7f
SSDEEP

49152:jtyc8prruyoJh82hKd3tXuTUsmmMCMIEAw2nwMN0BueXt:jtU9ruyoJh8we3tX+RmmkewMKBu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4505248d27199e7c10fa01892ce0d72a06b21e5c1071c3d496d0e43fcde80eb6

Files

4505248d27199e7c10fa01892ce0d72a06b21e5c1071c3d496d0e43fcde80eb6
.dll windows:5 windows x86 arch:x86

85f4aaf6a8dd16c83ef65367d02b050e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
SetStdHandle
SetEvent
GetVersionExA
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetLastError
HeapFree
GetModuleHandleW
ExitProcess
SetFilePointer
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetLastError
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsSetValue
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
CloseHandle
GetLocaleInfoA
CreateFileA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

oleaut32

SafeArrayCreate

user32

CreateWindowExA
GetScrollBarInfo
ReleaseDC
SetFocus

gdi32

Chord
CreateCompatibleDC
LineTo
UpdateColors
SetTextColor
GdiFlush
PathToRegion

wininet

UnlockUrlCacheEntryFile

ole32

CoTaskMemAlloc

Exports

Exports

SdekbleRstnees

Sections

r_ZdK
Size: 720KB - Virtual size: 719KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 356KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

HE8wLE62
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85f4aaf6a8dd16c83ef65367d02b050e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

user32

gdi32

wininet

ole32

Exports

Exports

Sections

r_ZdK Size: 720KB - Virtual size: 719KB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 72KB - Virtual size: 80KB

.crt Size: 356KB - Virtual size: 352KB

.rsrc Size: 4KB - Virtual size: 936B

HE8wLE62 Size: 40KB - Virtual size: 37KB

r_ZdK
Size: 720KB - Virtual size: 719KB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 72KB - Virtual size: 80KB

.crt
Size: 356KB - Virtual size: 352KB

.rsrc
Size: 4KB - Virtual size: 936B

HE8wLE62
Size: 40KB - Virtual size: 37KB