d9cc4711a67a1b1e0301be034f83a796

General

Target

d9cc4711a67a1b1e0301be034f83a796
Size

1.8MB
MD5

d9cc4711a67a1b1e0301be034f83a796
SHA1

5a205a7011d09526fd4ca7c57bb11055a9c5b547
SHA256

b27f1415b2f9f072d63c4ca6a39ba4ceabbcb8c784ee1299a930688f2a28b3b0
SHA512

75065dd7a3266ac22b9ef15cde2b862338547c665160abef33f0dfcdef33dbefe1429cc8dc772cbf98f6cb3f843f5222e9055a350cd81679c3ac50e57bebd771
SSDEEP

49152:l6NMHDWlFFtW2of1K5j3iCiUzccZmpWU:o64tW2o9K5J3Zm0U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9cc4711a67a1b1e0301be034f83a796

Files

d9cc4711a67a1b1e0301be034f83a796
.dll windows:5 windows x86 arch:x86

2025feed2c7157a7c43cebb2f1d52fc6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

CloseEventLog

setupapi

CM_Get_Next_Res_Des_Ex

kernel32

EnterCriticalSection
FillConsoleOutputCharacterW
CloseHandle
GetModuleFileNameW
GetModuleHandleW
GetModuleFileNameA
GetBinaryTypeA
GetLastError
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
GetStdHandle
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetProcAddress
TlsGetValue
TlsSetValue
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
Sleep
ExitProcess
RtlUnwind
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
MultiByteToWideChar
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
CreateFileA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2025feed2c7157a7c43cebb2f1d52fc6

Headers

File Characteristics

Imports

advapi32

setupapi

kernel32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 96KB - Virtual size: 106KB

DATA Size: 4KB - Virtual size: 912B

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 96KB - Virtual size: 106KB

DATA
Size: 4KB - Virtual size: 912B

.reloc
Size: 24KB - Virtual size: 20KB