8f2c070ddb32a7ae3944cee19d1d67141a72db2f0bae4e60f95cf3afcaf3c69d

Sharing

Copy URL Twitter E-mail

General

Target

8f2c070ddb32a7ae3944cee19d1d67141a72db2f0bae4e60f95cf3afcaf3c69d
Size

116KB
MD5

7270be2236d75d5385aa15809db1ffc9
SHA1

5b9a2d5e59649e96bb1a60da4adf3362f3cd51fa
SHA256

8f2c070ddb32a7ae3944cee19d1d67141a72db2f0bae4e60f95cf3afcaf3c69d
SHA512

bec726c2f2327c8d2ec7e547a4d0f1a28fab1d474f51561a43b5f466b68f329eb205934a577904f357b9c501f1374725cefedc2cb58c3e531e8c4ae1f093e775
SSDEEP

1536:biB5In4NKLIQy+PyR1GyS0xeJ9zOnlJpYTObo529Ad9Uf3uq8o5YT5g67vc3:pNIQy+aRgyner6nl5mUfH8oqVg67vc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f2c070ddb32a7ae3944cee19d1d67141a72db2f0bae4e60f95cf3afcaf3c69d

Files

8f2c070ddb32a7ae3944cee19d1d67141a72db2f0bae4e60f95cf3afcaf3c69d
.dll windows:4 windows x86 arch:x86

a9a24df85fec5e5d891efde0a525d282

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
lstrcatA
GetPrivateProfileStringA
FreeLibrary
CloseHandle
GlobalLock
OpenFile
SetFilePointer
GetPrivateProfileIntA
lstrcpyA
lstrcmpA
DeleteFileA
GlobalFree
GlobalAlloc
WriteFile
VirtualFree
GetStdHandle
GetFileType
RtlUnwind
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetModuleHandleA
HeapDestroy
HeapCreate
GlobalUnlock
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
SetHandleCount
SetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
InterlockedDecrement
InterlockedIncrement
GetOEMCP
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
LCMapStringA
LCMapStringW
RaiseException

user32

MessageBoxA
SendMessageA
LoadStringA
wsprintfA
PeekMessageA
FindWindowA
IsDialogMessageA
TranslateMessage
DispatchMessageA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

DSGetDSState
DSNotifyXferReady
DSSetDataBase
DSSetFinalArea
DSSetScanner
DS_Entry
DllMain
UICloseScan
UIFinalScan
UIPreviewScan

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9a24df85fec5e5d891efde0a525d282

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 12KB - Virtual size: 8KB