c8e7545add6b2c92d411d031cc8581a8c7647ae1b7748a43e45dbc61f5791a06

Sharing

Copy URL Twitter E-mail

General

Target

c8e7545add6b2c92d411d031cc8581a8c7647ae1b7748a43e45dbc61f5791a06
Size

162KB
MD5

c4ae971b1117ef0099159c4e0f01db73
SHA1

c20f494559c36d1eca021844945f9591a3bfd67b
SHA256

c8e7545add6b2c92d411d031cc8581a8c7647ae1b7748a43e45dbc61f5791a06
SHA512

5f13e5326fd97e6b9b2bf9e968b469fb75945f828fe5d6e823f36fff22207761d6fb0e0e8b76135cf355ea12d137d19fd6dc015c6b1d2b329d2c380f715754cb
SSDEEP

3072:c7rwiRXUJuAFkIIbJXdnWk3Sha3jWOvlpQGnX:+rFRXUUDdPSzMlPnX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8e7545add6b2c92d411d031cc8581a8c7647ae1b7748a43e45dbc61f5791a06

Files

c8e7545add6b2c92d411d031cc8581a8c7647ae1b7748a43e45dbc61f5791a06
.dll windows:5 windows x86 arch:x86

62db8513a50f61820423497823bf2912

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
DeleteFileA
ExitProcess
HeapAlloc
GetCurrentProcess
HeapFree
Process32First
GetProcessHeap
ExpandEnvironmentStringsA
OpenProcess
WideCharToMultiByte
FreeConsole
CreateEventA
GetLocalTime
Process32Next
GetVersionExA
CreateToolhelp32Snapshot
CreateFileW
CreateFileA
WriteConsoleW
SetStdHandle
LoadLibraryW
HeapReAlloc
GetStringTypeW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapSize
LoadLibraryA
GetSystemInfo
GetProcAddress
GetLastError
GetTickCount
GetSystemDefaultLCID
WaitForSingleObject
FreeLibrary
GetModuleFileNameA
GetFileSize
GetLocaleInfoW
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitThread
GetCurrentThreadId
CreateThread
GetSystemTimeAsFileTime
GetCommandLineA
RaiseException
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
GetModuleHandleW
WriteFile
GetModuleFileNameW
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
FreeEnvironmentStringsW
SetEndOfFile

user32

DefWindowProcA
GetMessageA
PostQuitMessage
LoadIconA
TranslateMessage
GetSystemMetrics
CreateWindowExA
ShowWindow
DispatchMessageA
UpdateWindow
LoadCursorA
RegisterClassA

gdi32

GetStockObject

advapi32

SetServiceStatus
LookupPrivilegeValueA
EqualSid
GetTokenInformation
ConvertSidToStringSidA
RegQueryValueExA
RegisterServiceCtrlHandlerW

ole32

CoCreateGuid

shlwapi

SHRegGetValueA

Exports

Exports

ServiceMain
Start

Sections

.text
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62db8513a50f61820423497823bf2912

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 121KB - Virtual size: 120KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 6KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 121KB - Virtual size: 120KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 10KB - Virtual size: 9KB