d52971d838ae3589971fa7b0d1d8044a2863de27be41d201a86be3877e86c370

Sharing

Copy URL Twitter E-mail

General

Target

d52971d838ae3589971fa7b0d1d8044a2863de27be41d201a86be3877e86c370
Size

68KB
MD5

29cb59f8eaa81541d95c76adef6a1e0a
SHA1

9c86c667d49d96d00ac7cb832022f9d1f8ce3526
SHA256

d52971d838ae3589971fa7b0d1d8044a2863de27be41d201a86be3877e86c370
SHA512

17a78fefdf91eb3ae925426b55ed2503b2720c704fc9307ff9d20f6bc0f5566f82a198aeeb0060d080da015e75f455a62fdb597bdcc068514d08459f84bc662c
SSDEEP

1536:hMvMQrfjjT3j/TmOeGMm2vOef3olnUa27DTuFpIwhG7ft3oL6v:hDKef3ollUSCB7ft3oL6v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d52971d838ae3589971fa7b0d1d8044a2863de27be41d201a86be3877e86c370

Files

d52971d838ae3589971fa7b0d1d8044a2863de27be41d201a86be3877e86c370
.dll windows:4 windows x86 arch:x86

388f6a92f9859ac8d25cf75e91c7c5db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pprtl

__assert

osppc

GetGlobalAddr
osdltpkt
ntgloadr_task
osrcvpkt
ossndpkt
osnewmem

dplib

dpwrite

sputl

spcremem
spsetmem
spgetmem2
spfindsp
spschopt_timeout
spgetidx2

tplib

tprobdet
tptyppul
tpanadet
tpdigdet
tpuopdet
tpgtinp
tpzform
tpzinit
tpgrpdet
tphelp
tpplcdet

vmgr

vmgetvdb
vmgetvar
vmgtsysv

kstdio

kprintf

syutl

syinipkt

ioutl

iovalrd
iosim
iounsim
iogetmod
iocksim

kernel32

SetLastError
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InterlockedIncrement
InterlockedDecrement
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
GetCommandLineA
GetVersion
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW

Exports

Exports

IdentifyMyself

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

388f6a92f9859ac8d25cf75e91c7c5db

Headers

File Characteristics

Imports

pprtl

osppc

dplib

sputl

tplib

vmgr

kstdio

syutl

ioutl

kernel32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 14KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 14KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB