e06944a841584106834e430d63ea60d5

Sharing

Copy URL Twitter E-mail

General

Target

e06944a841584106834e430d63ea60d5
Size

370KB
MD5

e06944a841584106834e430d63ea60d5
SHA1

ac927b30a7d3cbd0773c8b5dd2a37567cc274d1e
SHA256

0ee6086fe932207aa7e984e92c5d6a2f5dd2537565edd4a23bec35a102af75f8
SHA512

07f16485f10044427c9e2f0e0b8c8ff0a969d31a6a2baca53542553cecc9f4859d799bf67b94840eefd5c64b49b5cc4854143942915b1dad6a05e1effe3d450d
SSDEEP

6144:G0vLVzHOK1TyfiV0wKD7+yCPIPzvmqtIl2cy9432x6EW6wq+bd2KaSQ9KcYAJVe:G05zuHfCKD7b1Pzve32TWY+B2jd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e06944a841584106834e430d63ea60d5

Files

e06944a841584106834e430d63ea60d5
.dll windows:6 windows x86 arch:x86

e4a6b094cdcc4132831ddfe978d2211d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

atl110.i386.pdb

Imports

kernel32

CreateFileW
GetFileSize
ReadFile
CloseHandle
RaiseException
GetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
FreeLibrary
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
lstrcmpiW
FindResourceW
MultiByteToWideChar
EncodePointer
DecodePointer
SetLastError
WaitForSingleObject
GetCurrentProcess
GetCurrentThreadId
FlushInstructionCache
LockResource
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
MulDiv
lstrcmpW
FindResourceA
WideCharToMultiByte
InterlockedExchange
LoadLibraryExA
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
GetCommandLineA
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapSize
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetProcessHeap
HeapReAlloc
RtlUnwind
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
OutputDebugStringW
LoadLibraryW
LCMapStringW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
SetStdHandle
WriteConsoleW
FlushFileBuffers
InterlockedCompareExchange
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualAlloc
VirtualFree

Exports

Exports

AtlAdvise
AtlAxAttachControl
AtlAxCreateControl
AtlAxCreateControlEx
AtlAxCreateControlLic
AtlAxCreateControlLicEx
AtlAxCreateDialogA
AtlAxCreateDialogW
AtlAxDialogBoxA
AtlAxDialogBoxW
AtlAxGetControl
AtlAxGetHost
AtlAxWinInit
AtlCallTermFunc
AtlComModuleGetClassObject
AtlComModuleRegisterClassObjects
AtlComModuleRevokeClassObjects
AtlComModuleUnregisterServer
AtlComPtrAssign
AtlComQIPtrAssign
AtlCreateRegistrar
AtlCreateTargetDC
AtlDevModeW2A
AtlFreeMarshalStream
AtlGetObjectSourceInterface
AtlGetPerUserRegistration
AtlGetVersion
AtlHiMetricToPixel
AtlIPersistPropertyBag_Load
AtlIPersistPropertyBag_Save
AtlIPersistStreamInit_Load
AtlIPersistStreamInit_Save
AtlInternalQueryInterface
AtlLoadTypeLib
AtlMarshalPtrInProc
AtlModuleAddTermFunc
AtlPixelToHiMetric
AtlRegisterClassCategoriesHelper
AtlSetErrorInfo
AtlSetPerUserRegistration
AtlUnadvise
AtlUnmarshalPtr
AtlUpdateRegistryFromResourceD
AtlWaitWithMessageLoop
AtlWinModuleAddCreateWndData
AtlWinModuleExtractCreateWndData
AtlWinModuleInit
AtlWinModuleRegisterClassExA
AtlWinModuleRegisterClassExW
AtlWinModuleRegisterWndClassInfoA
AtlWinModuleRegisterWndClassInfoW
AtlWinModuleTerm

Sections

.text
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4a6b094cdcc4132831ddfe978d2211d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 118KB - Virtual size: 117KB

.data Size: 4KB - Virtual size: 12KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 235KB - Virtual size: 236KB

.text
Size: 118KB - Virtual size: 117KB

.data
Size: 4KB - Virtual size: 12KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 235KB - Virtual size: 236KB