0f3f3856a8303b2a9a745c27d13f30fe354ff929323d079a61a19ca79d99afab

Sharing

Copy URL

Twitter E-mail

General

Target

0f3f3856a8303b2a9a745c27d13f30fe354ff929323d079a61a19ca79d99afab
Size

5.1MB
MD5

8a62374ba2550a6a89487231a586c1c9
SHA1

97f2d8505fbf1069b33d41d2bc796ab4413d4931
SHA256

0f3f3856a8303b2a9a745c27d13f30fe354ff929323d079a61a19ca79d99afab
SHA512

674e5959244990456e72d4bf9b5c36e5ac0ce0534a7c0c40a3dd14164537ea1551be3f37068a39a5808af531ab7238fa1e2ae73a97c2fc8c6b1566c05a16881c
SSDEEP

98304:OtsKPaeVl2LQ5CgjYpunDTmVM+WzY+Bl3ARG//ff26WUEAy9vSd:4sKJ2WCgqunDqs9Bz33ZWrfvO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f3f3856a8303b2a9a745c27d13f30fe354ff929323d079a61a19ca79d99afab

Files

0f3f3856a8303b2a9a745c27d13f30fe354ff929323d079a61a19ca79d99afab
.dll windows:5 windows x86 arch:x86

7fb971e9e790b137182d14615fed5af0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\Git\WiseCAM-Restricted\src\Signature\Release\PropertyUI.pdb

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

advapi32

GetAce

iphlpapi

GetIfTable

shell32

ILFree

hid

HidP_GetCaps

setupapi

SetupInstallFileA

dhcpcsvc

DhcpIsEnabled

dhcpcsvc6

Dhcpv6IsEnabled

psapi

EnumProcesses

wsock32

bind

msvcp100

?_BADOFF@std@@3_JB

msvcr100

exit

nesttargetscommon

??1XMLDocument@tinyxml2@@UAE@XZ

Exports

Exports

GetSuperDogCheckAdvanced
GetSuperDogCheckPolicy

Sections

.AKS1
Size: 2.5MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS2
Size: 2.6MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.AKS3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7fb971e9e790b137182d14615fed5af0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

iphlpapi

shell32

hid

setupapi

dhcpcsvc

dhcpcsvc6

psapi

wsock32

msvcp100

msvcr100

nesttargetscommon

Exports

Exports

Sections

.AKS1 Size: 2.5MB - Virtual size: 3.2MB

.AKS2 Size: 2.6MB - Virtual size: 3.5MB

.AKS3 Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.AKS1
Size: 2.5MB - Virtual size: 3.2MB

.AKS2
Size: 2.6MB - Virtual size: 3.5MB

.AKS3
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB