cdb9e276e1d1e9a55ff1bb53ade05aa4de217e22f07bb59b77ebea7b49d3c9c4

Sharing

Copy URL Twitter E-mail

General

Target

cdb9e276e1d1e9a55ff1bb53ade05aa4de217e22f07bb59b77ebea7b49d3c9c4
Size

766KB
MD5

db854606507bbf31cc249969efeee35a
SHA1

fbcb1d12e934866496117ff67bdae44c46257246
SHA256

cdb9e276e1d1e9a55ff1bb53ade05aa4de217e22f07bb59b77ebea7b49d3c9c4
SHA512

8a985b7be0e0b9214c1b5a1f055eda38a0384ecc034f4ca03d020f1f078faa1c2fcdbeb633b24042bbaeef8336dcc1eaff1009c906b45656a13a45a1739e7aa6
SSDEEP

12288:FoW1GOschZXSxyH2Zm+lc937cqJwOdQjQQdBux7vQfaC9daV/5jtp+s3:Fjcq0QSBMmm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdb9e276e1d1e9a55ff1bb53ade05aa4de217e22f07bb59b77ebea7b49d3c9c4

Files

cdb9e276e1d1e9a55ff1bb53ade05aa4de217e22f07bb59b77ebea7b49d3c9c4
.dll windows:5 windows x86 arch:x86

076e616e1e220805a033d6e68a55f8a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualLock
VirtualAlloc
VirtualFree
DebugBreak
GetLastError
GetSystemInfo
IsBadCodePtr
VirtualQueryEx
GetCurrentProcessId
CreateMutexA
GetCurrentThreadId
CloseHandle
InitializeCriticalSection
DeleteCriticalSection
CreateEventA
VirtualQuery
GetVersion
UnmapViewOfFile
OpenProcess
GetCurrentProcess
OpenMutexA
MapViewOfFileEx
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
OutputDebugStringA
IsDebuggerPresent
DeleteFileA
HeapFree
GetProcessHeap
HeapAlloc
WaitForSingleObject
ReleaseMutex
EnterCriticalSection
SetEvent
GetACP
MultiByteToWideChar
WideCharToMultiByte
FindClose
FindFirstFileA
GetModuleFileNameA
GetFileAttributesA
FindNextFileA
CreateFileA
GetLocaleInfoA
GetUserDefaultLCID
IsValidCodePage
SetEnvironmentVariableA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
EncodePointer
DecodePointer
RtlUnwind
RaiseException
GetCommandLineA
GetCPInfo
GetProcAddress
GetModuleHandleW
ExitProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetDriveTypeA
FindFirstFileExA
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetFullPathNameA
CreateDirectoryA
MoveFileA
LCMapStringW
WriteFile
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
IsProcessorFeaturePresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetOEMCP
CompareStringW
GetStringTypeW
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
SetStdHandle
GetCurrentDirectoryW
GetDriveTypeW
WriteConsoleW
SetEndOfFile
CreateFileW
LeaveCriticalSection
RemoveDirectoryA

user32

MessageBoxA

Exports

Exports

DllSetMemoryErrorHandler
FME_apiVersion
FME_createReader
FME_destroyReader
FME_initialize

Sections

.text
Size: 537KB - Virtual size: 537KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

076e616e1e220805a033d6e68a55f8a4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 537KB - Virtual size: 537KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 29KB - Virtual size: 88KB

.rsrc Size: 16KB - Virtual size: 16KB

.reloc Size: 61KB - Virtual size: 60KB

.text
Size: 537KB - Virtual size: 537KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 29KB - Virtual size: 88KB

.rsrc
Size: 16KB - Virtual size: 16KB

.reloc
Size: 61KB - Virtual size: 60KB