8e129e6dced6d8c47996a3a6117e0df1a1f554cb68ad8a634877cd02a13832b6

Sharing

Copy URL Twitter E-mail

General

Target

8e129e6dced6d8c47996a3a6117e0df1a1f554cb68ad8a634877cd02a13832b6
Size

3.1MB
MD5

4a2ba8376d130023445c10bef8016155
SHA1

98f86108f34caccd598b0d1c5a408e718cdc1f2d
SHA256

8e129e6dced6d8c47996a3a6117e0df1a1f554cb68ad8a634877cd02a13832b6
SHA512

b86f0ad5f56445438ecc0077614d9919bddf32da174ccba091085da437def86e221eceb85559ead94f544418380d2446412fedd6cc934295237b737131b6e135
SSDEEP

98304:AL4bdS/YH2q8NQNIQqyrcWmPj0bJUaVCTtdnmipAewmkN:hdS/YH2q8NQNIQqyruP4b2DuXX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e129e6dced6d8c47996a3a6117e0df1a1f554cb68ad8a634877cd02a13832b6

Files

8e129e6dced6d8c47996a3a6117e0df1a1f554cb68ad8a634877cd02a13832b6
.dll windows:5 windows x86 arch:x86

2fe278dfa562b899256ac9b8958d4707

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.DirectX.Direct3DX.pdb

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
GetTempPathA
GetTempFileNameA
DeleteFileA
CloseHandle
ReadFile
CreateFileA
WriteFile
WideCharToMultiByte
GetVersionExA
OutputDebugStringA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
GetModuleHandleA
CompareStringA
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileW
DeleteFileW
SetFilePointer
GetSystemInfo
IsProcessorFeaturePresent
EnterCriticalSection
InitializeCriticalSection
InterlockedCompareExchange
DeleteCriticalSection
LeaveCriticalSection
GetFullPathNameA
lstrcmpiA
GetLastError
FindResourceW
MultiByteToWideChar
VirtualFree
VirtualAlloc
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
FreeLibrary
SetEndOfFile
ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FreeResource
DisableThreadLibraryCalls

mscoree

_CorDllMain

msvcrt

tolower
_purecall
_CIfmod
memmove
_stricmp
_CIasin
fclose
fwrite
fopen
_wfopen
__CxxFrameHandler
fread
floor
wcstombs
isalnum
isspace
atof
isalpha
isxdigit
toupper
_isnan
strchr
_fpclass
_CItanh
_CIsinh
_CIexp
_CIcosh
iswpunct
iswdigit
iswalpha
iswspace
modf
frexp
isdigit
longjmp
_setjmp3
sscanf
_strdate
_strtime
rand
_ultoa
atol
_except_handler3
exit
sprintf
_tempnam
?terminate@@YAXXZ
strncpy
wcsncpy
_CIpow
ceil
_controlfp
qsort
_vsnprintf
_finite
_CIacos
atoi
wcslen
setlocale
realloc
calloc
malloc
_onexit
__dllonexit
_adjust_fdiv
_initterm
free
memcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_strdup
ldexp
_CIsqrt

user32

ReleaseDC
GetDC

gdi32

CreateFontIndirectA
GetObjectA
GetCurrentObject
MoveToEx
ExtTextOutA
GetOutlineTextMetricsA
GetGlyphOutlineA
ExtTextOutW
CreateCompatibleDC
SelectObject
DeleteObject
SetMapMode
SetTextAlign
CreateFontIndirectW
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
DeleteDC
CreateDIBSection
GetObjectW
GetTextMetricsA
GetGlyphOutlineW
GetDeviceCaps

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 505KB - Virtual size: 508KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fe278dfa562b899256ac9b8958d4707

Headers

File Characteristics

PDB Paths

Imports

kernel32

mscoree

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.data Size: 107KB - Virtual size: 360KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 505KB - Virtual size: 508KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 107KB - Virtual size: 360KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 505KB - Virtual size: 508KB