1403b3c9e9540c0f16f0c34d7c598ea44d57132b4d98226f5854530daa9b3a6a

Sharing

Copy URL Twitter E-mail

General

Target

1403b3c9e9540c0f16f0c34d7c598ea44d57132b4d98226f5854530daa9b3a6a
Size

179KB
MD5

a3ad4b2aa6cba2707935e40dd23a8512
SHA1

a85582bc1c94dd55d355e890d434bb56277cfb0e
SHA256

1403b3c9e9540c0f16f0c34d7c598ea44d57132b4d98226f5854530daa9b3a6a
SHA512

306ef54376ad3d698c9896bed04a2e6b2aebf054a3758e4edeed0fa8af85c5f951da70c332d2517e73dd52abb34a10a89b61e6760c8bb73c898833fd3d3cd390
SSDEEP

3072:yjtFz0ftQ5lJcvAr/7ABITsiluQt5mVAYKmVuBG0BYBdB+SIQlWH4qoV:ZfKR/AITsilNt82YdVujyUQ1qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1403b3c9e9540c0f16f0c34d7c598ea44d57132b4d98226f5854530daa9b3a6a

Files

1403b3c9e9540c0f16f0c34d7c598ea44d57132b4d98226f5854530daa9b3a6a
.dll windows:5 windows x64 arch:x64

d4b895ac3671a61266017933737a185e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

CreateToolhelp32Snapshot
Process32Next
Process32First
GetLastError
FreeLibrary
GetProcAddress
CloseHandle
GetModuleFileNameA
GetLocalTime
EnterCriticalSection
LeaveCriticalSection
GetTickCount
Sleep
LoadLibraryA
GetProfileStringA
CompareStringW
GetProcessHeap
SetEndOfFile
CreateFileW
HeapReAlloc
LoadLibraryW
CreateFileA
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlUnwindEx
GetFileAttributesA
ExitThread
GetCurrentThreadId
CreateThread
DecodePointer
EncodePointer
HeapFree
HeapAlloc
RaiseException
RtlPcToFileHeader
WideCharToMultiByte
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetTimeZoneInformation
WriteFile
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
MultiByteToWideChar
ReadFile
SetFilePointer
GetModuleHandleW
ExitProcess
GetModuleFileNameW
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
LCMapStringW
GetStringTypeW
WriteConsoleW
SetStdHandle
FlushFileBuffers
HeapSize
SetEnvironmentVariableA

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA

ws2_32

select
inet_addr
htons
gethostbyname
shutdown
WSAStartup
closesocket

Exports

Exports

Service
Start

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.scode
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4b895ac3671a61266017933737a185e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 97KB - Virtual size: 97KB

.scode Size: 18KB - Virtual size: 17KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 18KB - Virtual size: 35KB

.pdata Size: 5KB - Virtual size: 5KB

text Size: 1KB - Virtual size: 1KB

data Size: 8KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 97KB - Virtual size: 97KB

.scode
Size: 18KB - Virtual size: 17KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 18KB - Virtual size: 35KB

.pdata
Size: 5KB - Virtual size: 5KB

text
Size: 1KB - Virtual size: 1KB

data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 2KB - Virtual size: 1KB