f6c7a8c4c33e1d1b90f38593c2a29a0f

General

Target

f6c7a8c4c33e1d1b90f38593c2a29a0f
Size

1.8MB
MD5

f6c7a8c4c33e1d1b90f38593c2a29a0f
SHA1

c70f313050dc40868c91d2ee619517cc0303352b
SHA256

5437f1a49fd29d23bc412e30245c7b0df1b9945e15effb29b91343d10ae3a795
SHA512

ec42a3042f303c172db7f7325b7c6b41f5b687be920500eceb71c0b0e20dcf0ee431b4cf834960621820d46b4e3055a2c05ee90c338d0c7451a293c8d2fa9241
SSDEEP

24576:4x53NpvUIx2lKUCcWEJPeQlnCYOqqP/Wb671b8mdhsx8+X0l0d8XCHH8n3DlZ74m:4H33vUEm/bvlnUPDJ9Wy8A0iC8nLRlm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6c7a8c4c33e1d1b90f38593c2a29a0f

Files

f6c7a8c4c33e1d1b90f38593c2a29a0f
.dll windows:5 windows x86 arch:x86

fad4c0737442729572d556bf0b8ae96e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

SetFileSecurityA

kernel32

TryEnterCriticalSection
EnterCriticalSection
CloseHandle
GetModuleFileNameW
GetModuleHandleW
GetModuleFileNameA
GetBinaryTypeA
LeaveCriticalSection
GetStdHandle
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetLastError
HeapFree
GetProcAddress
ExitProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
WideCharToMultiByte
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapAlloc
HeapReAlloc
VirtualFree
VirtualAlloc
WriteFile
LoadLibraryA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA

setupapi

SetupGetSourceInfoA

Sections

.text
Size: 980KB - Virtual size: 977KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CONST
Size: 680KB - Virtual size: 679KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fad4c0737442729572d556bf0b8ae96e

Headers

File Characteristics

Imports

advapi32

kernel32

setupapi

Sections

.text Size: 980KB - Virtual size: 977KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 96KB - Virtual size: 105KB

CONST Size: 680KB - Virtual size: 679KB

.rsrc Size: 4KB - Virtual size: 912B

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 980KB - Virtual size: 977KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 96KB - Virtual size: 105KB

CONST
Size: 680KB - Virtual size: 679KB

.rsrc
Size: 4KB - Virtual size: 912B

.reloc
Size: 24KB - Virtual size: 20KB