765ef4bbf371d0cfc04fbc695677ddcb5a30c7048f459b64af10843fc6092bf9

Sharing

Copy URL

Twitter E-mail

General

Target

765ef4bbf371d0cfc04fbc695677ddcb5a30c7048f459b64af10843fc6092bf9
Size

1.3MB
MD5

2ad40f29b98a6f42244a74f76ba97f20
SHA1

cce573df89865b4f2575c9b321632e93626812db
SHA256

765ef4bbf371d0cfc04fbc695677ddcb5a30c7048f459b64af10843fc6092bf9
SHA512

65e6df9ff642a6c1edc92fd4b6d1e05fb3a823f0e3ecf7f3d98fab7963ab843e77fd5b91c589708e371b82ce64cde1776770f6302851da103e356b931a164163
SSDEEP

12288:M38uea4w46+K1FZPfxyMs2SRXTajPomqkpyrJXy6mfvHELWUbxdewWRa7CkhkgjS:O8uea4w467D5/0ypyFYELW8xFZmMXJZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
765ef4bbf371d0cfc04fbc695677ddcb5a30c7048f459b64af10843fc6092bf9

Files

765ef4bbf371d0cfc04fbc695677ddcb5a30c7048f459b64af10843fc6092bf9
.dll windows:5 windows x64 arch:x64

67b1fe6384e57919c7d9776a95484720

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetNLSVersion
GetBinaryTypeW

advapi32

CryptGetDefaultProviderW

user32

ReleaseCapture

wintrust

WintrustRemoveActionID

ws2_32

WSACancelAsyncRequest

gdi32

CreateScalableFontResourceA

Exports

Exports

BrandingFormatString
BrandingLoadBitmap
BrandingLoadCursor
BrandingLoadIcon
BrandingLoadImage
BrandingLoadString
GetHinstanceByNameSpace

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 796KB - Virtual size: 795KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

pdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 802B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 905B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67b1fe6384e57919c7d9776a95484720

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

wintrust

ws2_32

gdi32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 18KB

.rdata Size: 796KB - Virtual size: 795KB

pdata Size: 92KB - Virtual size: 91KB

.pdata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

Size: 28KB - Virtual size: 27KB

Size: 4KB - Virtual size: 1KB

Size: 4KB - Virtual size: 503B

Size: 4KB - Virtual size: 1KB

Size: 4KB - Virtual size: 503B

Size: 4KB - Virtual size: 802B

Size: 28KB - Virtual size: 27KB

Size: 4KB - Virtual size: 318B

Size: 28KB - Virtual size: 27KB

Size: 4KB - Virtual size: 905B

Size: 4KB - Virtual size: 1KB

Size: 4KB - Virtual size: 180B

Size: 280KB - Virtual size: 276KB

Size: 4KB - Virtual size: 2KB

Size: 8KB - Virtual size: 6KB

Size: 4KB - Virtual size: 276B

.text
Size: 20KB - Virtual size: 18KB

.rdata
Size: 796KB - Virtual size: 795KB

pdata
Size: 92KB - Virtual size: 91KB

.pdata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB