c239ef34ba248c6591f07953297b1bc86ac79bb20298d3f95013c27036be4134

Sharing

Copy URL Twitter E-mail

General

Target

c239ef34ba248c6591f07953297b1bc86ac79bb20298d3f95013c27036be4134
Size

72KB
MD5

d9e3cc32d6ec46bb8d4f8b633c6f1d5a
SHA1

9f88261730106783379f8eac84d52db7e506026a
SHA256

c239ef34ba248c6591f07953297b1bc86ac79bb20298d3f95013c27036be4134
SHA512

217093d8e9b038067a693725e477dd7d157c07351ec3d66a1e000b30b5a75553e268b6af18cdc3852e1a61971a5b5eddaacc83eba52af56bb3fdb83198072755
SSDEEP

384:ImdSQBeZP1GAnoMZ7DnDgHrean2i7yBT/nuJKE7tbl5LYsVh98Jq53s:ImY8e11GAno47DDs2iCiv1LYA/8Y3s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c239ef34ba248c6591f07953297b1bc86ac79bb20298d3f95013c27036be4134

Files

c239ef34ba248c6591f07953297b1bc86ac79bb20298d3f95013c27036be4134
.dll windows:4 windows x64 arch:x64

dee5df153e40075e5129ae63d03645cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetModuleHandleA
GetProcAddress
GetTickCount
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
HeapReAlloc
LocalAlloc
LocalFree

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_assert
_strdup
free
fwrite
getenv
memcmp
memcpy
memmove
strchr
strcmp
strcpy
strcspn
strlen

user32

LoadStringW
MessageBoxW

winmm

DefDriverProc

Exports

Exports

DriverProc

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 352B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dee5df153e40075e5129ae63d03645cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ucrtbase

user32

winmm

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 20KB

.data Size: 4KB - Virtual size: 112B

.rodata Size: 4KB - Virtual size: 12B

.rdata Size: 4KB - Virtual size: 2KB

.pdata Size: 4KB - Virtual size: 384B

.xdata Size: 4KB - Virtual size: 452B

.bss Size: - Virtual size: 352B

.edata Size: 4KB - Virtual size: 288B

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 32B

.text
Size: 24KB - Virtual size: 20KB

.data
Size: 4KB - Virtual size: 112B

.rodata
Size: 4KB - Virtual size: 12B

.rdata
Size: 4KB - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 384B

.xdata
Size: 4KB - Virtual size: 452B

.bss
Size: - Virtual size: 352B

.edata
Size: 4KB - Virtual size: 288B

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 32B