4bb579d59830579be9ead9f74a55001e

Sharing

Copy URL Twitter E-mail

General

Target

4bb579d59830579be9ead9f74a55001e
Size

3.4MB
MD5

4bb579d59830579be9ead9f74a55001e
SHA1

1f827ed629c9e5542ce3975b8e8987e4418a73dc
SHA256

e6a9f0915f82c45626c16672bc99ea57843023be4ecf2f888a5b06f81015c910
SHA512

eeb53210c1af6d8fa16477ee17bd2f3ead84de41f5e49ac5a08aa3b91b9c6d271f1615a9db3a7e54352471ea31885122c4642d77d66ae42d409ddba8ebf7f368
SSDEEP

98304:m5L9m2J0Ub0Y67SjaasBc8yObLJmf+XjIsHixwiYW3x:mx99ph67AaJVyObLw2z22iYw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bb579d59830579be9ead9f74a55001e

Files

4bb579d59830579be9ead9f74a55001e
.dll windows:5 windows x64 arch:x64

ae1fc64193cbd80b34fe4282f2ccdc19

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

CryptReleaseContext

ws2_32

bind

dnsapi

DnsFree

wldap32

ord46

user32

GetProcessWindowStation
GetUserObjectInformationW

Exports

Exports

SpInitInstance
SpLsaModeInitialize

Sections

.text
Size: - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dts0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.dts1
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae1fc64193cbd80b34fe4282f2ccdc19

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

dnsapi

wldap32

user32

Exports

Exports

Sections

.text Size: - Virtual size: 556KB

.rdata Size: - Virtual size: 122KB

.data Size: - Virtual size: 29KB

.pdata Size: - Virtual size: 28KB

text Size: - Virtual size: 3KB

data Size: - Virtual size: 16KB

.dts0 Size: - Virtual size: 1.5MB

.dts1 Size: 3.4MB - Virtual size: 3.4MB

.reloc Size: 512B - Virtual size: 204B

.text
Size: - Virtual size: 556KB

.rdata
Size: - Virtual size: 122KB

.data
Size: - Virtual size: 29KB

.pdata
Size: - Virtual size: 28KB

text
Size: - Virtual size: 3KB

data
Size: - Virtual size: 16KB

.dts0
Size: - Virtual size: 1.5MB

.dts1
Size: 3.4MB - Virtual size: 3.4MB

.reloc
Size: 512B - Virtual size: 204B