c9ed69e7bf233ba1edd18a1f91671faee9b7756aa77fe517319098706e78cde5

General

Target

c9ed69e7bf233ba1edd18a1f91671faee9b7756aa77fe517319098706e78cde5
Size

40KB
MD5

40e3e86c68425defcb67faacae1d1bda
SHA1

c4990d44897dfcff32bb72ce52128d008bc88657
SHA256

c9ed69e7bf233ba1edd18a1f91671faee9b7756aa77fe517319098706e78cde5
SHA512

a5f4542c650a38016cbe1f3792a85687d4b7d879933abc1d05e7ec632fc37ee90e6674e4c2a21e191bb146c298e3328013554cbb63a37028e120a994eaf4e793
SSDEEP

768:MWBOxWV2NOzZ6zXFD5sazhJJ+naEDtOmxWyz+C:7BOxooXF5/1QCl8+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9ed69e7bf233ba1edd18a1f91671faee9b7756aa77fe517319098706e78cde5

Files

c9ed69e7bf233ba1edd18a1f91671faee9b7756aa77fe517319098706e78cde5
.dll windows:5 windows x86 arch:x86

b1940b79519ebddbc9334d7c5031d9eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
CreateFileA
WriteFile
CloseHandle
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
HeapAlloc
RaiseException
GetLastError
HeapFree
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetProcAddress
Sleep
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapSize
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
LoadLibraryW
RtlUnwind
IsProcessorFeaturePresent

Exports

Exports

SbieApi_Log
_SbieDll_Hook@12

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1940b79519ebddbc9334d7c5031d9eb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 3KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 3KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 4KB