72c79405e99e061f67e522afd86195920bd84ccc8c67b43c62d9fd0cdc69e8b1

Sharing

Copy URL Twitter E-mail

General

Target

72c79405e99e061f67e522afd86195920bd84ccc8c67b43c62d9fd0cdc69e8b1
Size

10KB
MD5

ccefd77af3222ef0925a52ebb822a1ee
SHA1

6416183bca701cfb747683ad08de82685337bc6f
SHA256

72c79405e99e061f67e522afd86195920bd84ccc8c67b43c62d9fd0cdc69e8b1
SHA512

83da556f935fba5345935326dc91454aceea699da9f897ce4c80e9af2ba2c8d65d1331e996f33d8b797561f6af1802793bea4ffa1022266f2d9ec99c27d2928d
SSDEEP

96:nPaCuM+7JbqDft0vocg8zKL3jKnCy2Xn6ISup9aHiFEiFJ0Qcbt/2AUphj:nxudbIfSvhgt3KF23c8aE0VbUVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72c79405e99e061f67e522afd86195920bd84ccc8c67b43c62d9fd0cdc69e8b1

Files

72c79405e99e061f67e522afd86195920bd84ccc8c67b43c62d9fd0cdc69e8b1
.dll windows:4 windows x86 arch:x86

d48aa5a55f2826842f11f0f186c67c83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

rtl100.bpl

@System@initialization$qqrv
@System@Finalization$qqrv
@System@RegisterModule$qqrp17System@TLibModule
@System@@DynArrayClear$qqrrpvpv
@System@@DynArraySetLength$qqrv
@System@@DynArrayHigh$qqrv
@System@@CopyArray$qqrv
@System@@FinalizeArray$qqrpvt1ui
@System@@InitializeArray$qqrpvt1ui
@System@Pos$qqrx17System@AnsiStringt1
@System@@LStrCopy$qqrv
@System@@LStrAddRef$qqrpv
@System@@LStrCmp$qqrv
@System@@LStrCat3$qqrv
@System@@LStrLen$qqrx17System@AnsiString
@System@@LStrToString$qqrv
@System@@LStrFromChar$qqrr17System@AnsiStringc
@System@@LStrAsg$qqrpvpxv
@System@@LStrClr$qqrpv
@System@@RunError$qqruc
@System@@Halt0$qqrv
@System@@StartLib$qqrv
@System@@HandleFinally$qqrv
@System@@ReadLn$qqrr15System@TTextRec
@System@@ReadLString$qqrr15System@TTextRecr17System@AnsiString
@System@@EofText$qqrr15System@TTextRec
@System@@Close$qqrr15System@TTextRec
@System@@Assign$qqrr15System@TTextRecx17System@AnsiString
@System@@ResetText$qqrr15System@TTextRec
@System@@_IOTest$qqrv
@$xp$13System@string
@Sysutils@initialization$qqrv
@Sysutils@Finalization$qqrv
@Classes@initialization$qqrv
@Classes@Finalization$qqrv
@Typinfo@initialization$qqrv
@Typinfo@Finalization$qqrv
@Variants@initialization$qqrv
@Variants@Finalization$qqrv
@Varutils@initialization$qqrv
@Varutils@Finalization$qqrv
@Registry@initialization$qqrv
@Registry@Finalization$qqrv
@Inifiles@initialization$qqrv
@Inifiles@Finalization$qqrv

kernel32

TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
FreeLibrary

cccore.bpl

@Sharemem@initialization$qqrv
@Sharemem@Finalization$qqrv
@Cformula@initialization$qqrv
@Cformula@Finalization$qqrv
@Cformula@TFormula@GetCmpAmount$qqrr26System@%SmallString$iuc$8%
@Cmatchin@initialization$qqrv
@Cmatchin@Finalization$qqrv
@Cstrutil@initialization$qqrv
@Cstrutil@Finalization$qqrv

Exports

Exports

MatchCheckFunc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 520B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 81B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d48aa5a55f2826842f11f0f186c67c83

Headers

File Characteristics

Imports

rtl100.bpl

kernel32

cccore.bpl

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.itext Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 44B

.bss Size: - Virtual size: 520B

.idata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 81B

.reloc Size: 512B - Virtual size: 508B

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.itext
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 44B

.bss
Size: - Virtual size: 520B

.idata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 81B

.reloc
Size: 512B - Virtual size: 508B

.rsrc
Size: 1KB - Virtual size: 1KB