dd2d50d2f088ba65a3751e555e0dea71

Sharing

Copy URL

Twitter E-mail

General

Target

dd2d50d2f088ba65a3751e555e0dea71
Size

584KB
MD5

dd2d50d2f088ba65a3751e555e0dea71
SHA1

9c262e87cf692225130bd07e1811859f04794e26
SHA256

777f03eda81f380b0da33d96968dcf9476e6e10459a457f107fec019bc26734b
SHA512

271402640208c366ecdc0f66f919e2bd8a2474428974d38e9412e5129c2f67b8f54d8d28e7b03b109416ac3a3eecb51a8c95b87412e17af0b73d48bf3f325bb8
SSDEEP

12288:T71Z2RQfAxfxllLGqUuJALtIYnFpMhVjGkzug38qVa9YhR:f1DIfzl4uWLtIM6GkzV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd2d50d2f088ba65a3751e555e0dea71

Files

dd2d50d2f088ba65a3751e555e0dea71
.dll windows:5 windows x64 arch:x64

605699145135beb83b94a358c524313f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
PeekNamedPipe
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

advapi32

CryptCreateHash

ws2_32

ntohs

dnsapi

DnsQuery_W

wldap32

ord27

Exports

Exports

SpInitInstance
SpLsaModeInitialize

Sections

.text
Size: - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cat0
Size: - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cat1
Size: 583KB - Virtual size: 582KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

605699145135beb83b94a358c524313f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

dnsapi

wldap32

Exports

Exports

Sections

.text Size: - Virtual size: 482KB

.rdata Size: - Virtual size: 99KB

.data Size: - Virtual size: 22KB

.pdata Size: - Virtual size: 24KB

text Size: - Virtual size: 3KB

data Size: - Virtual size: 16KB

.cat0 Size: - Virtual size: 250KB

.cat1 Size: 583KB - Virtual size: 582KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: - Virtual size: 482KB

.rdata
Size: - Virtual size: 99KB

.data
Size: - Virtual size: 22KB

.pdata
Size: - Virtual size: 24KB

text
Size: - Virtual size: 3KB

data
Size: - Virtual size: 16KB

.cat0
Size: - Virtual size: 250KB

.cat1
Size: 583KB - Virtual size: 582KB

.reloc
Size: 512B - Virtual size: 12B