ec2b51dc1dc99165a0eb46b73c317e25

Sharing

Copy URL Twitter E-mail

General

Target

ec2b51dc1dc99165a0eb46b73c317e25
Size

594KB
MD5

ec2b51dc1dc99165a0eb46b73c317e25
SHA1

964699ff69b029a7ed73e9f2f83c254c49f73127
SHA256

8e9a6cef086b129abda8e29e97190fa95e59aa5b388473ec905611cf7f98b8f4
SHA512

b40d4256c05c1037bcfe7e9f18b6733c02ed0ea0ae12b082909aa9f6eb2b574b7b578f11447d9de6276c43cca5bc9a70023983ba173b96c250482e2e28fd9077
SSDEEP

12288:EA4jGBNzawdhcJUyzuA93tMlrk2Ez7CCr9eSthj3QF:z+GBcwdyqSu43tMSz7DNji

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec2b51dc1dc99165a0eb46b73c317e25

Files

ec2b51dc1dc99165a0eb46b73c317e25
.dll windows:5 windows x64 arch:x64

59cb384a95a38fca50fd2b7386690c96

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
CloseHandle
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

MessageBoxW

advapi32

CryptDestroyKey

ws2_32

getaddrinfo

dnsapi

DnsQuery_W

wldap32

ord33

Exports

Exports

ServiceMain
SpInitInstance
SpLsaModeInitialize
UserInitializtion
UserProfileSetup

Sections

.text
Size: - Virtual size: 483KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dat0
Size: - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dat1
Size: 592KB - Virtual size: 592KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

59cb384a95a38fca50fd2b7386690c96

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

dnsapi

wldap32

Exports

Exports

Sections

.text Size: - Virtual size: 483KB

.rdata Size: - Virtual size: 100KB

.data Size: - Virtual size: 22KB

.pdata Size: - Virtual size: 24KB

text Size: - Virtual size: 3KB

data Size: - Virtual size: 16KB

.dat0 Size: - Virtual size: 236KB

.dat1 Size: 592KB - Virtual size: 592KB

.reloc Size: 512B - Virtual size: 80B

.text
Size: - Virtual size: 483KB

.rdata
Size: - Virtual size: 100KB

.data
Size: - Virtual size: 22KB

.pdata
Size: - Virtual size: 24KB

text
Size: - Virtual size: 3KB

data
Size: - Virtual size: 16KB

.dat0
Size: - Virtual size: 236KB

.dat1
Size: 592KB - Virtual size: 592KB

.reloc
Size: 512B - Virtual size: 80B