8bf7dea6f3a64298e21f1bd6994cb98d051ad90e99bc86fe14d7a8b94af115c3

Sharing

Copy URL

Twitter E-mail

General

Target

8bf7dea6f3a64298e21f1bd6994cb98d051ad90e99bc86fe14d7a8b94af115c3
Size

172KB
MD5

c7b9998bf2955c198b6a8f688f4ca386
SHA1

40cc3a7b958c947e980618da16cfcfac463423ac
SHA256

8bf7dea6f3a64298e21f1bd6994cb98d051ad90e99bc86fe14d7a8b94af115c3
SHA512

c0394ea92884194f0c1c55246c01040a1acb5351b8c6582d6d81877b0f2aa29e3e150c837e058a31a25f1823c9063115378563609c99932628acf00319d4d65d
SSDEEP

3072:hnTgySkKjKi9t6jW1w76/uCUmaRBBBcAn3d2e1BouUED9t:hTry1w76CRrRntRLXD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bf7dea6f3a64298e21f1bd6994cb98d051ad90e99bc86fe14d7a8b94af115c3

Files

8bf7dea6f3a64298e21f1bd6994cb98d051ad90e99bc86fe14d7a8b94af115c3
.dll windows:4 windows x86 arch:x86

dd1ff3766dfa05fbeb41f8bf572470b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

neroerr

?SetFatal@CNeroError@@UAEHH@Z
?GetPrevious@CNeroError@@QAEPAV1@XZ
?CopyErrors@CNeroErrorList@@QAEXPAVCOrdinalNumber@@0@Z
?ClearErrors@CNeroErrorList@@QAEXXZ
?MyNeroThread@@YAAAVCAbstractThread@@XZ
?CreateNeroThread@@YAPAVCAbstractThread@@XZ
?CreateNeroSemaphore@@YAPAVCAbstractSemaphore@@J@Z
?Fatal@CNeroError@@UAEHXZ
?GetErrorIcon@CNeroError@@UAE?AW4NeroErrorID@@XZ
?GetError@CNeroError@@QAEHXZ
?GetFirst@CNeroError@@SAPAV1@XZ
?GetNext@CNeroError@@QAEPAV1@XZ
??1CNeroError@@UAE@XZ
??0CNeroError@@IAE@PBDHH@Z
?SetTakenByBurnStatus@CNeroError@@UAEXH@Z
?SetTakenByBurnStatus@CNeroError@@UAEXXZ
?GetTakenByBurnStatus@CNeroError@@UAEHXZ
?GetDescriptionLine@CNeroError@@UAEHHHPADH@Z
?GetDescriptionLine@CNeroError@@UAEHHPADH@Z
?GetThreadName@CNeroError@@UAEPBDXZ

newtrf

?Convert2kToMode2Form1With2336@@YAHQBEQAEPBE@Z
?GenEDC@@YAHPAEKPAV?$LittleEndian@K@@@Z

kernel32

SetLastError
TlsGetValue
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
GetCPInfo
CloseHandle
GetLastError
FormatMessageA
EnterCriticalSection
Sleep
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
RtlUnwind
RaiseException
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
HeapSize
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
FreeEnvironmentStringsA
GetStartupInfoA
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
IsBadCodePtr
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
IsBadReadPtr

Exports

Exports

?ISOGeneratorStart@@YAHPAUGen2FEProcRec@@QBUISOInfoRec@@QBUJolietInfoRec@@K@Z
OpenGenerator

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd1ff3766dfa05fbeb41f8bf572470b8

Headers

File Characteristics

Imports

neroerr

newtrf

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 113KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 16KB - Virtual size: 22KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 16KB - Virtual size: 22KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 9KB