badb8babd5185c3e539bd0801c0a9fedd766d55c8ff719004edaa4675f7965a7

Sharing

Copy URL Twitter E-mail

General

Target

badb8babd5185c3e539bd0801c0a9fedd766d55c8ff719004edaa4675f7965a7
Size

58KB
MD5

78d7912c288d36c0f4b7c40f103397b6
SHA1

43c0306873a7100313303e0a789d261f2007aefd
SHA256

badb8babd5185c3e539bd0801c0a9fedd766d55c8ff719004edaa4675f7965a7
SHA512

46403aa14ce96faabce4292c3266c0fca7afa97ea4aeaf72061966239ccf8aa681443f25f15090951bf5db8df6ecc245e30d1d5582c65008cba6d1c837627b3e
SSDEEP

384:INiK++JECxM+62Y6rIaffFbmc7IAT/PFpxzs0Biy3jionKvF:Ia+ydnk8aFrVKB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
badb8babd5185c3e539bd0801c0a9fedd766d55c8ff719004edaa4675f7965a7

Files

badb8babd5185c3e539bd0801c0a9fedd766d55c8ff719004edaa4675f7965a7
.dll windows:4 windows x86 arch:x86

824e3cc932b24ac14edfc0564bcbc860

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetModuleHandleW
GetProcAddress
GetTickCount
HeapAlloc
HeapReAlloc
IsBadStringPtrA
IsBadStringPtrW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException

ntdll

_vsnprintf

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_strdup
free
fwrite
getenv
memcmp
memmove
strchr
strcmp
strcspn
strlen

Exports

Exports

PIDGenA
PIDGenSimpA
PIDGenSimpW
PIDGenW
SetupPIDGenA
SetupPIDGenW
VerifyPIDSequenceW

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

824e3cc932b24ac14edfc0564bcbc860

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

ucrtbase

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 288B

.rodata Size: 4KB - Virtual size: 124B

.rdata Size: 4KB - Virtual size: 428B

/4 Size: 4KB - Virtual size: 1KB

.edata Size: 4KB - Virtual size: 216B

.idata Size: 4KB - Virtual size: 844B

.rsrc Size: 4KB - Virtual size: 884B

.reloc Size: 4KB - Virtual size: 360B

.text
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 288B

.rodata
Size: 4KB - Virtual size: 124B

.rdata
Size: 4KB - Virtual size: 428B

/4
Size: 4KB - Virtual size: 1KB

.edata
Size: 4KB - Virtual size: 216B

.idata
Size: 4KB - Virtual size: 844B

.rsrc
Size: 4KB - Virtual size: 884B

.reloc
Size: 4KB - Virtual size: 360B