D:\bds_temp\naver_capture_app\ncapture_app\2.4.7.4-real\build\src\Update\NaverToolsAgent\Release\NaverCaptureAgent.pdb
Static task
static1
Behavioral task
behavioral1
Sample
a956e1eb1f5dcaf10f2cf255946c27040a83c68eafc0ff1ccf67e839ae2042e1.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a956e1eb1f5dcaf10f2cf255946c27040a83c68eafc0ff1ccf67e839ae2042e1.dll
Resource
win10v2004-20240508-en
General
Target: a956e1eb1f5dcaf10f2cf255946c27040a83c68eafc0ff1ccf67e839ae2042e1
Size: 506KB
MD5: b3bdb2be9069f72272cad81d7d10a952
SHA1: 573812890dd9b5124099c740ccbb0e46a93660ea
SHA256: a956e1eb1f5dcaf10f2cf255946c27040a83c68eafc0ff1ccf67e839ae2042e1
SHA512: b239f5a0be93f42ff96011a9432159ea46f1f2cc255f1ba93fb1c019d8589c6a63a58e759a96ad29085cb69b8d048d47419e3526c60b510f3b96252b3242a0ae
SSDEEP: 3072:G54c92AEHK76gQ2f/Jsb5cV3OBPYJiYm3PGG4bgdmx:G54c9OHK76/2ZrV3OBP4iYm3PGG4bik
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a956e1eb1f5dcaf10f2cf255946c27040a83c68eafc0ff1ccf67e839ae2042e1
Files
a956e1eb1f5dcaf10f2cf255946c27040a83c68eafc0ff1ccf67e839ae2042e1.dll windows:5 windows x86 arch:x86
1c40236f927aa45e13a906503d0fd947
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
SetLastError
RaiseException
CreateFileA
SetEndOfFile
GetStringTypeW
GetStringTypeA
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
CreateFileW
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetModuleFileNameW
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
WideCharToMultiByte
LoadLibraryW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
ReadFile
GetStartupInfoA
SetHandleCount
SetFilePointer
ExitProcess
HeapCreate
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
GetCurrentProcess
MultiByteToWideChar
lstrlenA
CreateThread
CloseHandle
GetLastError
CreateMutexW
GetSystemTimeAsFileTime
lstrcmpiW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetModuleFileNameA
WriteFile
GetProcAddress
RtlUnwind
GetCommandLineA
GetStdHandle
lstrlenW
DeleteFileW
GetTickCount
GetTempPathW
EnterCriticalSection
GetProcessHeap
HeapSize
HeapReAlloc
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
Sleep
GetExitCodeProcess
lstrcmpA
LocalAlloc
LCMapStringA
LocalFree
GetFileType
WriteConsoleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
VirtualAlloc
VirtualFree
HeapDestroy
HeapAlloc
HeapFree
LoadLibraryA
user32
SendMessageW
FindWindowW
UnregisterClassA
gdi32
DeleteDC
advapi32
RegCreateKeyExW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
shell32
ShellExecuteExW
ole32
CoUninitialize
CoInitialize
shlwapi
PathAppendW
PathFileExistsW
crypt32
CryptMsgClose
CryptQueryObject
CryptMsgGetParam
CryptDecodeObject
CertFindCertificateInStore
CertGetNameStringW
CertCloseStore
CertFreeCertificateContext
urlmon
URLDownloadToFileW
URLDownloadToCacheFileW
wininet
DeleteUrlCacheEntryW
gdiplus
GdiplusShutdown
wintrust
WinVerifyTrust
Exports
Request
Sections
.text Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 369KB - Virtual size: 369KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ