b746def3587f30023963fd81db853fd828070f4f9191942ee8968b13b9ff1023

Sharing

Copy URL Twitter E-mail

General

Target

b746def3587f30023963fd81db853fd828070f4f9191942ee8968b13b9ff1023
Size

115KB
MD5

08ec30be0a3185887e95d95f1c0a1315
SHA1

871759db06651141af11a3668d73fe10c4d0504a
SHA256

b746def3587f30023963fd81db853fd828070f4f9191942ee8968b13b9ff1023
SHA512

603045f0716a9cbdc3f53bfe5ed19c493dc30eac185b85e90dec3a3c1bae1b81ddd3c5a5cd77e79f690efe353db3adcda383acd3b6ddb16f9f3b12cf0c152bd8
SSDEEP

1536:I327FbdaWt2pgvzjZ6daU8wG2geBk9v8iOALkrAicj52VisKyqBhGMGILFI7mm:zPZ54G2geQLraiTyqFLFh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b746def3587f30023963fd81db853fd828070f4f9191942ee8968b13b9ff1023

Files

b746def3587f30023963fd81db853fd828070f4f9191942ee8968b13b9ff1023
.dll windows:1 windows x86 arch:x86

66a11f601625550f545ecaeb8b168a4a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
CreateFileW
DeleteFileA
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentDirectoryA
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
InitializeCriticalSection
LCMapStringA
LeaveCriticalSection
LoadLibraryA
LocalFileTimeToFileTime
LocalFree
MultiByteToWideChar
OpenFile
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
_lclose
lstrcatA
lstrcpyA
lstrlenA

shell32

SHChangeNotify

user32

CharToOemBuffA
DialogBoxParamA
EndDialog
EnumThreadWindows
GetDesktopWindow
MessageBoxA
OemToCharBuffA
SendDlgItemMessageA
SendMessageA
wsprintfA
wvsprintfA

Exports

Exports

GetUnzDllPrivVersion
GetUnzDllVersion
UnzDllExec
___CPPdebugHook

Sections

.text
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66a11f601625550f545ecaeb8b168a4a

Headers

File Characteristics

Imports

kernel32

shell32

user32

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 84KB

.data Size: 21KB - Virtual size: 36KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 4KB

.text
Size: 83KB - Virtual size: 84KB

.data
Size: 21KB - Virtual size: 36KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 4KB