243e6a5e4f6eded6845fa63c032322fcc9bfd0f589637dc64953b06f2a94a990

Sharing

Copy URL Twitter E-mail

General

Target

243e6a5e4f6eded6845fa63c032322fcc9bfd0f589637dc64953b06f2a94a990
Size

442KB
MD5

b38b68ce7c0fd646e510cbf531fe8243
SHA1

25b2a355dc37f64ef512d94c90635c3a6391a3bd
SHA256

243e6a5e4f6eded6845fa63c032322fcc9bfd0f589637dc64953b06f2a94a990
SHA512

a9416e97173669e96a43695d0d5c0b6a17f65ccd2d656f9a3477d23b4be918dc39fda86a58e2c3d115572bfd09e4895bf81e135422385441686538990fab56ff
SSDEEP

6144:6EQxRnIoJmxN+IXD27s5xt1ihjXHUZZLZHAj14G8pvbumD:6BnIoUxAG27s531IXHOZxAhcumD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
243e6a5e4f6eded6845fa63c032322fcc9bfd0f589637dc64953b06f2a94a990

Files

243e6a5e4f6eded6845fa63c032322fcc9bfd0f589637dc64953b06f2a94a990
.dll windows:6 windows x86 arch:x86

6a8333e5450dee30e1c576edf4799847

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
AreFileApisANSI
CreateWaitableTimerExA
SetDynamicTimeZoneInformation
SetFileBandwidthReservation
InitializeProcThreadAttributeList
CreateHardLinkW
GetAtomNameW
DefineDosDeviceA
GetFileSize
SetTapePosition
ConnectNamedPipe
GetCurrentProcess
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
CreateThread
WaitForSingleObjectEx
OutputDebugStringW
OutputDebugStringA
CreateFileW
HeapReAlloc
HeapSize
WriteConsoleW
SetFilePointerEx
SetStdHandle
SetConsoleCtrlHandler
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
GetCurrentThread
GetACP
GetStringTypeW
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetProcessHeap
DecodePointer

oledlg

ord10
ord3
ord8

shlwapi

PathStripPathW
SHGetValueW
StrStrIA
ord433
SHDeleteValueW

Exports

Exports

cr26tt
hmrdre
ipu5h3
m46wwo
xi3hrv

Sections

.text
Size: 237KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a8333e5450dee30e1c576edf4799847

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oledlg

shlwapi

Exports

Exports

Sections

.text Size: 237KB - Virtual size: 236KB

.rdata Size: 43KB - Virtual size: 42KB

.data Size: 148KB - Virtual size: 153KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 237KB - Virtual size: 236KB

.rdata
Size: 43KB - Virtual size: 42KB

.data
Size: 148KB - Virtual size: 153KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 10KB