ad4ba7c696e802df7a08e87c3447f18da5a94aed13e159af8c38109ca9712a08

Sharing

Copy URL

Twitter E-mail

General

Target

ad4ba7c696e802df7a08e87c3447f18da5a94aed13e159af8c38109ca9712a08
Size

820KB
MD5

e9cace49798fd540bcbb6ba387932d0c
SHA1

104b13ee3572919fed7cf0e29f612571f26c4632
SHA256

ad4ba7c696e802df7a08e87c3447f18da5a94aed13e159af8c38109ca9712a08
SHA512

d21298d62e54e7d0c8ab0016807793cd6b84ff1b2b2f5d3d05d133d1c402f48c50e7769dfa44836c04494cb41dd3970cbee8705d1b42d8050e71ef2ef38d3ed1
SSDEEP

6144:Ii05kH9OyU2uv5SRf/FWgFgtMgqIRAUW9kVYeVprU4wfhTv5xD2ZP0GVGdXcukT3:brHGPv5SmptxDmUWuVZkxikdXcq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad4ba7c696e802df7a08e87c3447f18da5a94aed13e159af8c38109ca9712a08

Files

ad4ba7c696e802df7a08e87c3447f18da5a94aed13e159af8c38109ca9712a08
.dll regsvr32 windows:4 windows x64 arch:x64

9a873558f9739b47d573400f9a0176b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

xbpbxnxouib8mt

Imports

mprapi

MprAdminInterfaceTransportAdd

user32

GetDoubleClickTime

kernel32

GetBinaryTypeW
SetLastError
GetCurrentThreadId
MulDiv
ExitProcess
EnumResourceTypesA
GetModuleHandleA
GetModuleFileNameW
CreateDirectoryA
GetLastError

crypt32

CryptFreeOIDFunctionAddress

winmm

midiInReset

Exports

Exports

?AfxFreeLibrary@@YAHPEAUHINSTANCE__@@@Z
?AfxLoadLibrary@@YAPEAUHINSTANCE__@@PEBG@Z
?AfxLockGlobals@@YAXH@Z
?AfxUnlockGlobals@@YAXH@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sbss
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 160KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xlhmxa
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hmblv
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jtkif
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nkyyh
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yxg
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jzuur
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.avq
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uefvk
Size: 4KB - Virtual size: 735B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yhntc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sutdpa
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9a873558f9739b47d573400f9a0176b2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mprapi

user32

kernel32

crypt32

winmm

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 1KB

.code Size: 12KB - Virtual size: 8KB

.sbss Size: 4KB - Virtual size: 1KB

.rdata Size: 128KB - Virtual size: 127KB

.data Size: 80KB - Virtual size: 76KB

.pdata Size: 4KB - Virtual size: 360B

.crt Size: 160KB - Virtual size: 158KB

DATA Size: 44KB - Virtual size: 41KB

.rsrc Size: 4KB - Virtual size: 1008B

.reloc Size: 4KB - Virtual size: 996B

.xlhmxa Size: 8KB - Virtual size: 4KB

.hmblv Size: 4KB - Virtual size: 1KB

.jtkif Size: 28KB - Virtual size: 27KB

.nkyyh Size: 4KB - Virtual size: 1KB

.yxg Size: 280KB - Virtual size: 276KB

.jzuur Size: 8KB - Virtual size: 7KB

.avq Size: 4KB - Virtual size: 1KB

.uefvk Size: 4KB - Virtual size: 735B

.yhntc Size: 4KB - Virtual size: 2KB

.sutdpa Size: 28KB - Virtual size: 27KB

.text
Size: 4KB - Virtual size: 1KB

.code
Size: 12KB - Virtual size: 8KB

.sbss
Size: 4KB - Virtual size: 1KB

.rdata
Size: 128KB - Virtual size: 127KB

.data
Size: 80KB - Virtual size: 76KB

.pdata
Size: 4KB - Virtual size: 360B

.crt
Size: 160KB - Virtual size: 158KB

DATA
Size: 44KB - Virtual size: 41KB

.rsrc
Size: 4KB - Virtual size: 1008B

.reloc
Size: 4KB - Virtual size: 996B

.xlhmxa
Size: 8KB - Virtual size: 4KB

.hmblv
Size: 4KB - Virtual size: 1KB

.jtkif
Size: 28KB - Virtual size: 27KB

.nkyyh
Size: 4KB - Virtual size: 1KB

.yxg
Size: 280KB - Virtual size: 276KB

.jzuur
Size: 8KB - Virtual size: 7KB

.avq
Size: 4KB - Virtual size: 1KB

.uefvk
Size: 4KB - Virtual size: 735B

.yhntc
Size: 4KB - Virtual size: 2KB

.sutdpa
Size: 28KB - Virtual size: 27KB