33c44689b3743ddc305136674c3009bebf56aab696b105b01ed683b0d7ff7e40

Sharing

Copy URL Twitter E-mail

General

Target

33c44689b3743ddc305136674c3009bebf56aab696b105b01ed683b0d7ff7e40
Size

341KB
MD5

edc1301f96d7310918bce523f6a6d065
SHA1

956ee9921eeb5abdeeb38b2d445a7413547b4e00
SHA256

33c44689b3743ddc305136674c3009bebf56aab696b105b01ed683b0d7ff7e40
SHA512

1774d31ab0e09a48e1adfb151233d110d1ab1b52adc559ca5c1a4fde702468dc464c703393605f73412ec60b165ed24ca86f723d348faef418dfc6070787bddd
SSDEEP

6144:7kfsEn+xL/m3Anm49+F8cRhEks3+RyBaWicWu0XX0A/UXy0A/6P3tAUbvfDo5:7kfsEn+xLTpBkQ70XX0A/UXy0A/M6Ubq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33c44689b3743ddc305136674c3009bebf56aab696b105b01ed683b0d7ff7e40

Files

33c44689b3743ddc305136674c3009bebf56aab696b105b01ed683b0d7ff7e40
.dll windows:6 windows x86 arch:x86

b45eb88271ab4b3f7016b2253a6d253a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iphlpapi

GetAdaptersInfo

kernel32

GetLastError
SetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
LocalFree
FormatMessageA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetStdHandle
GetFileType
GetTimeZoneInformation
MultiByteToWideChar
WideCharToMultiByte
CloseHandle
ReadFile
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleOutputCP
GetFileSizeEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
FlushFileBuffers
SetStdHandle
GetStringTypeW
CreateFileW
HeapSize
HeapReAlloc
SetEndOfFile
WriteConsoleW
DecodePointer

Exports

Exports

fnDCPAPI
fnDCPGetLicense
fnDebugB
fnDispDcpCustomInfo
fnEBCToJISAPI
fnJISToEBCAPI
gLIC

Sections

.text
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 188KB - Virtual size: 591KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b45eb88271ab4b3f7016b2253a6d253a

Headers

DLL Characteristics

File Characteristics

Imports

iphlpapi

kernel32

Exports

Exports

Sections

.text Size: 114KB - Virtual size: 114KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 188KB - Virtual size: 591KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 114KB - Virtual size: 114KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 188KB - Virtual size: 591KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 5KB - Virtual size: 5KB