193bb4cd5c3f76476c081a6e0d7e6e64523dfbf6eeb81690ff30f73384527dc2

Sharing

Copy URL Twitter E-mail

General

Target

193bb4cd5c3f76476c081a6e0d7e6e64523dfbf6eeb81690ff30f73384527dc2
Size

83KB
MD5

dfc71b129040904e9b7a4276248c58c4
SHA1

7d2f400d1af340e1315810a12bbebcb4ec09331f
SHA256

193bb4cd5c3f76476c081a6e0d7e6e64523dfbf6eeb81690ff30f73384527dc2
SHA512

48e8d18efdb0e6a549f2edeedaaac216f233d88c24d0f972b19ecd03cf6cfd837f30014a450a12f35200bacc49a35c88d3764d3e043e6f3464e309509d6695ca
SSDEEP

1536:KgHJBXRAscat4t/E914PeTbMnMfTmhStRkRwLxSAAA+GVuobBT0UkKAGUL:Kg6aCZPe8MrmkvkAHRBT0UkKAGW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
193bb4cd5c3f76476c081a6e0d7e6e64523dfbf6eeb81690ff30f73384527dc2

Files

193bb4cd5c3f76476c081a6e0d7e6e64523dfbf6eeb81690ff30f73384527dc2
.dll windows:6 windows x86 arch:x86

2f51c60ad6355ec0bd73690bebd24486

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\SC SYVEZ 6282\REQ EKI\UNDETECT CE\Release\iSyvezXnova.pdb

Imports

kernel32

GetModuleHandleA
OpenProcess
Sleep
GetModuleHandleExA
OutputDebugStringW
GetCurrentThread
LoadLibraryA
lstrcpyA
K32GetModuleBaseNameA
GetProcAddress
GlobalLock
ExitProcess
GetCurrentProcessId
CreateProcessW
WideCharToMultiByte
lstrcmpiA
GlobalUnlock
VirtualAlloc
WriteProcessMemory
IsBadWritePtr
TerminateProcess
IsBadHugeReadPtr
K32EmptyWorkingSet
IsBadReadPtr
AcquireSRWLockExclusive
GetCurrentThreadId
DeviceIoControl
GetCurrentProcess
WakeAllConditionVariable
SleepConditionVariableSRW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
VirtualProtect
ReleaseSRWLockExclusive

user32

wsprintfW
GetClipboardData
CloseClipboard
OpenClipboard
GetAsyncKeyState

advapi32

StartServiceW

msvcp140

?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?id@?$collate@_W@std@@2V0locale@2@A
_Wcsxfrm
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Xinvalid_argument@std@@YAXPBD@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?id@?$ctype@_W@std@@2V0locale@2@A
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
_Wcscoll
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z

vcruntime140

memcpy
__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
wcsstr
__std_terminate
strchr
_except_handler4_common
_CxxThrowException
memset
__std_type_info_destroy_list
memmove

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc
_callnewh

api-ms-win-crt-string-l1-1-0

_wcsicmp

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_crt_atexit
_invalid_parameter_noinfo_noreturn
_initterm
_cexit
_register_onexit_function
_errno
_initterm_e

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfwprintf

api-ms-win-crt-convert-l1-1-0

wcstoul

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f51c60ad6355ec0bd73690bebd24486

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

msvcp140

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-convert-l1-1-0

Sections

.text Size: 59KB - Virtual size: 58KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 59KB - Virtual size: 58KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 4KB