59b8f3db2c8004254a2cedbec26b3855381c304fe9462070ef09a2833b138f4c

General

Target

59b8f3db2c8004254a2cedbec26b3855381c304fe9462070ef09a2833b138f4c
Size

38KB
MD5

e95f20532a3ce42529b25f0f9c4f2143
SHA1

025eb0e65cf2cd309070e828aca89098b2eaecd7
SHA256

59b8f3db2c8004254a2cedbec26b3855381c304fe9462070ef09a2833b138f4c
SHA512

4505e73e0e2753ce5986bb5779f5533739e47f9c773e66264560e2535fc473aca49ce99c192fed6c0014ec1be40a7e99b413414358f56ad8e24b5e2a1ac411f1
SSDEEP

768:0wzK4+4uqZ2CEVfMN97iqG97qFm7kwzrmu2rnbfzyaUwOhy:0ZY2CEVfMD/SJ7k3KaUwOhy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59b8f3db2c8004254a2cedbec26b3855381c304fe9462070ef09a2833b138f4c

Files

59b8f3db2c8004254a2cedbec26b3855381c304fe9462070ef09a2833b138f4c
.dll windows:6 windows x64 arch:x64

f5edc4f3bf43a8748b2cd70e1300df52

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
CreateSemaphoreA
GetSystemInfo
CreateThread
WaitForSingleObject
ReleaseSemaphore
GetLastError
CloseHandle
GlobalFree
GlobalAlloc
GetCurrentThreadId

user32

GetMessageA
PeekMessageA
PostThreadMessageA

msvcr120

__crtTerminateProcess
__crtUnhandledException
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?terminate@@YAXXZ
__C_specific_handler
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
??3@YAXPEAX@Z
memcpy
__CxxFrameHandler3
_CxxThrowException
__crtCapturePreviousContext

Exports

Exports

MainEntry

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5edc4f3bf43a8748b2cd70e1300df52

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcr120

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 2KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 512B - Virtual size: 512B

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 512B - Virtual size: 512B