78802d5b705042a8bab3ecf8597c611f58a37b9bc1a55f382c551ac6e35ae928

Sharing

Copy URL Twitter E-mail

General

Target

78802d5b705042a8bab3ecf8597c611f58a37b9bc1a55f382c551ac6e35ae928
Size

5.4MB
MD5

2a599aa0f11971456607f790878c5172
SHA1

c070d712d905a61a0b1db75b01694a3d6f722655
SHA256

78802d5b705042a8bab3ecf8597c611f58a37b9bc1a55f382c551ac6e35ae928
SHA512

7a15818ad5651940bc6befbde0b640f0f403f8b662b307fd57e545a5d071324682d1b1432489ecf2a72c463f9c20cfca761b039c9c35d971ee567c4fc57a1a0f
SSDEEP

49152:uqe+8TgjzGlbEi//luxfULyp0cJ2nbUgWLZKudhDsFOj7Sxy+mfNnFtHR3Dr3VTN:6Fg2lP//luxf68kDFOjeRNy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78802d5b705042a8bab3ecf8597c611f58a37b9bc1a55f382c551ac6e35ae928

Files

78802d5b705042a8bab3ecf8597c611f58a37b9bc1a55f382c551ac6e35ae928
.dll windows:4 windows x64 arch:x64

1125cca42ce6185d4b7e394be2af7e25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\workarea\8.56.1\drivers\dx\udx\lh64a\bld\dll\B_rel\atiumd64.pdb

Imports

kernel32

HeapCreate
CreateToolhelp32Snapshot
QueryPerformanceFrequency
FreeLibrary
DeleteCriticalSection
QueryPerformanceCounter
CloseHandle
WaitForSingleObject
DeleteTimerQueueTimer
SetEvent
GetCurrentProcessId
InitializeCriticalSection
HeapDestroy
Sleep
CreateEventA
LeaveCriticalSection
Thread32Next
GetProcAddress
CreateTimerQueueTimer
EnterCriticalSection
LoadLibraryA
OpenThread
GetExitCodeThread
GetModuleFileNameA
HeapFree
VirtualProtect
HeapAlloc
GetCurrentThread
GetCurrentProcess
SetProcessAffinityMask
SetThreadAffinityMask
Thread32First
GetProcessAffinityMask
FlsSetValue
GetCommandLineA
GetVersionExW
ExitThread
GetLastError
FlsGetValue
CreateThread
WideCharToMultiByte
RtlUnwindEx
RaiseException
GetModuleHandleW
ExitProcess
EncodePointer
DecodePointer
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
GetTickCount
GetSystemTimeAsFileTime
OutputDebugStringA
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
LCMapStringW
MultiByteToWideChar
WriteFile
InitializeCriticalSectionAndSpinCount
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetFilePointer
GetConsoleCP
GetConsoleMode
GetStringTypeW
VirtualAlloc
SetThreadStackGuarantee
GetSystemInfo
VirtualQuery
LoadLibraryW
SetStdHandle
WriteConsoleW
CreateFileW
FlushFileBuffers

advapi32

RegCloseKey
RegOpenKeyA
RegEnumValueA
RegQueryValueExA

Exports

Exports

DllMain
OpenAdapter
checkit

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TEXT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 883KB - Virtual size: 882KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 563KB - Virtual size: 741KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 182KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1125cca42ce6185d4b7e394be2af7e25

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

TEXT Size: 1KB - Virtual size: 1KB

.rdata Size: 883KB - Virtual size: 882KB

.data Size: 563KB - Virtual size: 741KB

.pdata Size: 107KB - Virtual size: 107KB

.rsrc Size: 182KB - Virtual size: 181KB

.reloc Size: 63KB - Virtual size: 63KB

.text
Size: 3.7MB - Virtual size: 3.7MB

TEXT
Size: 1KB - Virtual size: 1KB

.rdata
Size: 883KB - Virtual size: 882KB

.data
Size: 563KB - Virtual size: 741KB

.pdata
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 182KB - Virtual size: 181KB

.reloc
Size: 63KB - Virtual size: 63KB