d316aec353be6dc607943ce52f0e70cf05ecb8994a0511d86ece65de64a0db0a

Sharing

Copy URL

Twitter E-mail

General

Target

d316aec353be6dc607943ce52f0e70cf05ecb8994a0511d86ece65de64a0db0a
Size

3.0MB
MD5

e3031446eda0fc2971af0ac2d088318d
SHA1

1a0c94ed14a3ee6fc129d0f3674771ca51525119
SHA256

d316aec353be6dc607943ce52f0e70cf05ecb8994a0511d86ece65de64a0db0a
SHA512

233c0fa5653859e616ac93a7ab23e82bb2cd40c743f316d28e3052b6dd0a9fe84a517d692fdff4855b50dc10c01920921166720e4817fbbcd05db61806862899
SSDEEP

49152:aVtW6dVlTag3hJ51oNlEAGjxEZ4cQ/+GVBRDR1HV0VDo+BZZ4aMpjwFIQlq1wiEb:Sag3hJ51oNlEAGjxEZ4cQ/+GVBRDR1Hv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d316aec353be6dc607943ce52f0e70cf05ecb8994a0511d86ece65de64a0db0a

Files

d316aec353be6dc607943ce52f0e70cf05ecb8994a0511d86ece65de64a0db0a
.dll windows:5 windows x86 arch:x86

4b91b76742a6ba2da063220d98a85991

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.DirectX.Direct3DX.pdb

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
DeleteFileA
CloseHandle
ReadFile
CreateFileA
WriteFile
WideCharToMultiByte
GetVersionExA
OutputDebugStringA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
GetModuleHandleA
CompareStringA
FreeResource
SizeofResource
GetTempPathA
LoadResource
FindResourceA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileW
DeleteFileW
SetFilePointer
GetSystemInfo
IsProcessorFeaturePresent
EnterCriticalSection
InitializeCriticalSection
InterlockedCompareExchange
DeleteCriticalSection
LeaveCriticalSection
GetFullPathNameA
GetLastError
MultiByteToWideChar
VirtualFree
VirtualAlloc
lstrcmpiA
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
FreeLibrary
SetEndOfFile
HeapAlloc
GetProcessHeap
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetTempFileNameA
SetLastError
InterlockedExchange
Sleep
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
LockResource

mscoree

_CorDllMain

msvcrt

wcslen
atoi
isdigit
tolower
_purecall
_CIfmod
memmove
_stricmp
_CIasin
fclose
fwrite
_wfopen
__CxxFrameHandler
fread
floor
vsprintf
wcstombs
isalnum
isspace
atof
isalpha
isxdigit
_fpclass
_isnan
_CItanh
_CIsinh
_CIexp
_CIcosh
iswpunct
iswdigit
iswalpha
iswspace
modf
toupper
calloc
longjmp
_setjmp3
sscanf
frexp
_strdate
_strtime
ldexp
rand
_ultoa
atol
_except_handler3
exit
fseek
tmpfile
?terminate@@YAXXZ
strncpy
wcsncpy
_CIpow
_snprintf
_vsnprintf
ceil
_controlfp
qsort
_ftol
_finite
_CIacos
realloc
setlocale
_strdup
_adjust_fdiv
malloc
_initterm
free
memcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
strchr
_CIsqrt
sprintf

user32

ReleaseDC
GetDC

gdi32

CreateFontIndirectA
GetObjectA
GetCurrentObject
MoveToEx
ExtTextOutA
GetOutlineTextMetricsA
GetGlyphOutlineA
GetGlyphOutlineW
GetTextMetricsA
ExtTextOutW
CreateCompatibleDC
SetMapMode
SetTextAlign
CreateFontIndirectW
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
DeleteDC
CreateDIBSection
GetObjectW
GetDeviceCaps
DeleteObject
SelectObject

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 482KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b91b76742a6ba2da063220d98a85991

Headers

File Characteristics

PDB Paths

Imports

kernel32

mscoree

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 2.4MB - Virtual size: 2.4MB

.data Size: 107KB - Virtual size: 360KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 482KB - Virtual size: 484KB

.text
Size: 2.4MB - Virtual size: 2.4MB

.data
Size: 107KB - Virtual size: 360KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 482KB - Virtual size: 484KB