6fcfd8d199ac469ad2d9eba71a4b7bc10108a41345c5e8e18c41cc1dc278ce0d

Sharing

Copy URL

Twitter E-mail

General

Target

6fcfd8d199ac469ad2d9eba71a4b7bc10108a41345c5e8e18c41cc1dc278ce0d
Size

224KB
MD5

6e78b9082191b12c0c0d57c970abd0a1
SHA1

72131cd6b43189076c8b2275aba7957ee16fee95
SHA256

6fcfd8d199ac469ad2d9eba71a4b7bc10108a41345c5e8e18c41cc1dc278ce0d
SHA512

68f3df8ccc7f25578fb4fc0f7a9e3aa2d0228e45f6fcfc677a4459f95fcb2e61d00612d5e0c13e41bc975eda58d07f49e7f54cdc561f49ad32f4b6b07923e0b6
SSDEEP

3072:x1MYSj9yIkZAV9dQt0dsaMRT4PoHv+Ah7apwnK370fF5JHBi7/PhoKFso:xzSjD9et0dCsPcle370tzHBiTP+8so

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fcfd8d199ac469ad2d9eba71a4b7bc10108a41345c5e8e18c41cc1dc278ce0d

Files

6fcfd8d199ac469ad2d9eba71a4b7bc10108a41345c5e8e18c41cc1dc278ce0d
.dll windows:6 windows x86 arch:x86

d14ea7113256795b6e6dad0b6b66f500

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateEventA
CreateEventW
Sleep
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetCurrentThreadId
GetExitCodeThread
GetSystemTimeAsFileTime
GetTickCount
GetNativeSystemInfo
VirtualQuery
VirtualAllocEx
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateTimerQueueTimer
DeleteTimerQueueTimer
FreeLibrary
GetModuleFileNameW
GetProcAddress
LoadLibraryW
CompareStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
GetLocaleInfoW
GetSystemDefaultLCID
GetUserDefaultLCID
OpenProcess
VirtualQueryEx
ReadFile
WriteFile
ConnectNamedPipe
CreateNamedPipeW
CreateRemoteThread
ReadProcessMemory
WriteProcessMemory
VirtualFreeEx
CreateToolhelp32Snapshot
Module32FirstW
Module32NextW
IsDBCSLeadByteEx
GetModuleHandleExW
ExitProcess
RtlUnwind
InterlockedFlushSList
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetModuleHandleW
DeleteCriticalSection
QueryPerformanceCounter
GetStringTypeW
InitializeCriticalSectionAndSpinCount
SetEvent
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RaiseException
CloseHandle

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

psapi

GetModuleFileNameExW

msvcrt

strrchr
free
malloc
iswspace
_errno
realloc
wcstol
_wcsicmp
_beginthreadex
ceil
calloc
abort
_wcsdup
__pctype_func
___lc_codepage_func
___mb_cur_max_func
strchr
tolower
_callnewh
_initterm
strtol
_wcstoui64
?terminate@@YAXXZ
_lock
_unlock
___lc_handle_func
__lc_collate_cp
_XcptFilter
__getmainargs
_msize
mbtowc
_CIlog10
_clearfp
_CxxThrowException
memmove
memcpy
__CxxFrameHandler
wcsrchr
memset
_amsg_exit

Exports

Exports

Luna_CreatePipeAndCheck
Luna_Detach
Luna_EmbedSettings
Luna_FindHooks
Luna_FreePtr
Luna_Inject
Luna_InsertHookCode
Luna_QueryThreadHistory
Luna_RemoveHook
Luna_Settings
Luna_Start
Luna_checkisusingembed
Luna_embedcallback
Luna_useembed

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 38.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d14ea7113256795b6e6dad0b6b66f500

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

psapi

msvcrt

Exports

Exports

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 6KB - Virtual size: 38.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 6KB - Virtual size: 38.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 9KB