a0c5909826075766aeb546355e3fcbc44d794ccb3876320b28b6eb5ce1527b0e

General

Target

a0c5909826075766aeb546355e3fcbc44d794ccb3876320b28b6eb5ce1527b0e
Size

1.4MB
MD5

a3ba37cde2644ed6345d2c74ce25bfd8
SHA1

7557941c7716b56c88b15152864af2db62248c87
SHA256

a0c5909826075766aeb546355e3fcbc44d794ccb3876320b28b6eb5ce1527b0e
SHA512

65ff000bf7bc3d604b75f23b0960ff104cc8fcb8a017a8781cf47285f8ad40c3d5a2b4d9092066a04424c717e6c008e6f3f2c55ea80f5c9406730581d2bbe6a4
SSDEEP

24576:gBlZ+lJQRNJLxlvH4FSZXf+4jkntIhl+XxoQqOpop48EqZBrFzVU3O0m+TsOGbfg:gBl0lENJTE+knJhoQq24BZRU3XGbfd9Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0c5909826075766aeb546355e3fcbc44d794ccb3876320b28b6eb5ce1527b0e

Files

a0c5909826075766aeb546355e3fcbc44d794ccb3876320b28b6eb5ce1527b0e
.dll windows:5 windows x86 arch:x86

77f39ead8766e887ae0ea3096c550a8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
LocalAlloc
SetPriorityClass
GetCurrentProcess
SetErrorMode
GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualFree
VirtualAlloc
GetLastError
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
HeapReAlloc
GetCurrentThreadId
DecodePointer
GetCommandLineA
HeapCreate
HeapDestroy
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetModuleHandleW
SetLastError
InterlockedDecrement
IsProcessorFeaturePresent
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
MultiByteToWideChar
GetStringTypeW
LoadLibraryW
RtlUnwind
HeapSize

Exports

Exports

EGmf035fI0
HPs04xra
JMd5nbrvL2E
_DllMain@12
x4ru5Abn634

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 226KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

77f39ead8766e887ae0ea3096c550a8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 226KB - Virtual size: 226KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 226KB - Virtual size: 226KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 9KB - Virtual size: 8KB