fa9645fc0000fd5de9f935e5a2a2683dee779010da13aa0f1bb6c7dd6c6fede6

General

Target

fa9645fc0000fd5de9f935e5a2a2683dee779010da13aa0f1bb6c7dd6c6fede6
Size

1.2MB
MD5

b7b71b35fbfd119319015b04de817b3c
SHA1

970f39ad0c8282803bb2952a889d1b782c0a60a5
SHA256

fa9645fc0000fd5de9f935e5a2a2683dee779010da13aa0f1bb6c7dd6c6fede6
SHA512

00783881efc7b3fbf31bae5ed1bf1baa88efff87509271f3f140ec7931e445983fec342972e3fac8ac22b5baa3a918c1684e56e3e33b0e547768dcc3f4a49b4e
SSDEEP

24576:oG12Byh97y16QlRWH+MV0JrEAEqL2BH3C+82pEJ7dsLtjTcIGHRzyZQT3JGUenZW:oxBe97ytjXJ4AEy4y+w7dsdcIGHUZQTl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa9645fc0000fd5de9f935e5a2a2683dee779010da13aa0f1bb6c7dd6c6fede6

Files

fa9645fc0000fd5de9f935e5a2a2683dee779010da13aa0f1bb6c7dd6c6fede6
.dll windows:5 windows x86 arch:x86

613f0ac123c1936ab06d6a9b51527521

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
LocalAlloc
SetPriorityClass
GetCurrentProcess
SetErrorMode
GetProcAddress
LoadLibraryA
GetModuleHandleA
VirtualFree
VirtualAlloc
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
IsProcessorFeaturePresent
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
Sleep
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
LCMapStringW
MultiByteToWideChar
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
HeapSize
RtlUnwind

Exports

Exports

FTcvJS
LBs25Evf
QVGn3lF7B
_DllMain@12
q3XE7DO6

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

613f0ac123c1936ab06d6a9b51527521

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.rdata Size: 197KB - Virtual size: 196KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.rdata
Size: 197KB - Virtual size: 196KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 10KB - Virtual size: 10KB