EncryptString
Static task
static1
Behavioral task
behavioral1
Sample
88f7b1215ea7201b17cdc320ba2525daf212f10774e683e189e44bf6e4cb47d1.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
88f7b1215ea7201b17cdc320ba2525daf212f10774e683e189e44bf6e4cb47d1.dll
Resource
win10v2004-20240226-en
General
Target: 88f7b1215ea7201b17cdc320ba2525daf212f10774e683e189e44bf6e4cb47d1
Size: 1.5MB
MD5: 3d5240adaf304f06b618a064fc3514fd
SHA1: 31e14b1218a37d4e9dfd5ccd9b66e48328d16287
SHA256: 88f7b1215ea7201b17cdc320ba2525daf212f10774e683e189e44bf6e4cb47d1
SHA512: d6bd655f9477b185d9ae4ed93f82e46a1b35b80d57bc36f27a05d926457b66d3624ce665000c1b17e1192c845c40851a18e48f57b64af62b4027848d21f236b7
SSDEEP: 24576:7+KpPtMPHIzkQZU/U0U9OwwoMBrQW7d6yt+zEJB49SGBP/Ap5/HtP2SoMFA:/V3VZAogEjP/A3/tP2SoMFA
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 88f7b1215ea7201b17cdc320ba2525daf212f10774e683e189e44bf6e4cb47d1
Files
88f7b1215ea7201b17cdc320ba2525daf212f10774e683e189e44bf6e4cb47d1.dll windows:6 windows x86 arch:x86
5d8ff53eca9028aa5efa747ba8aa522d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
crypt32
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertOpenStore
CertEnumCertificatesInStore
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
ws2_32
WSACleanup
WSAGetLastError
recv
send
WSASetLastError
closesocket
kernel32
GetTimeZoneInformation
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
SetEndOfFile
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStdHandle
GetEnvironmentVariableW
GetFileType
WriteFile
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
GetModuleHandleExW
DeleteFiber
WideCharToMultiByte
ConvertFiberToThread
CloseHandle
FreeLibrary
LoadLibraryA
LoadLibraryW
FindClose
FindFirstFileW
FindNextFileW
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetFullPathNameW
GetCurrentDirectoryW
SetStdHandle
GetFileSizeEx
SetFilePointerEx
GetConsoleOutputCP
FlushFileBuffers
HeapSize
DecodePointer
WriteConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
EncodePointer
LoadLibraryExW
ExitProcess
SetConsoleCtrlHandler
ReadFile
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetModuleFileNameW
HeapFree
HeapAlloc
HeapReAlloc
CompareStringW
LCMapStringW
user32
GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation
advapi32
CryptAcquireContextW
RegisterEventSourceW
ReportEventW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
DeregisterEventSource
bcrypt
BCryptGenRandom
Exports
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 362KB - Virtual size: 361KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ