f2e55046e1f929223e14f3c9e88f5b550bb0d1b30ee876e84a6dfd4b4c9ac4de

Sharing

Copy URL

Twitter E-mail

General

Target

f2e55046e1f929223e14f3c9e88f5b550bb0d1b30ee876e84a6dfd4b4c9ac4de
Size

539KB
MD5

a2452391e7f17d4006d1d38b6160e68c
SHA1

c82df6f3f8fc8048acf41f3cf5d7ecc1b54fe2d8
SHA256

f2e55046e1f929223e14f3c9e88f5b550bb0d1b30ee876e84a6dfd4b4c9ac4de
SHA512

f348428a705deecc0051723b934db44cb2a99e3da0456c8b0e0040f159549b4e70565675cf45c6c034b719f6678e6cd67e96183b8098730421c43f12437161cf
SSDEEP

12288:E1TLY9/cIKhpyFfIsd59w51AK/gU8VL8HdFonf:OT09/cI8pyTJkT/gU8tn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2e55046e1f929223e14f3c9e88f5b550bb0d1b30ee876e84a6dfd4b4c9ac4de

Files

f2e55046e1f929223e14f3c9e88f5b550bb0d1b30ee876e84a6dfd4b4c9ac4de
.dll regsvr32 windows:6 windows x86 arch:x86

ddf796fbf0a1e8bf0adc48ffaf9e2dca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
WriteFile
CloseHandle
HeapCreate
TryEnterCriticalSection
ConvertThreadToFiber
CreateFiber
SwitchToFiber
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
GetStdHandle
LockFile
SetFileTime
CreateNamedPipeA
PeekNamedPipe
VirtualAlloc
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
DeleteCriticalSection
GetLastError
SetLastError
HeapAlloc
HeapFree
GetModuleHandleW
GetProcAddress
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
FreeLibrary
LoadLibraryExW
LCMapStringW
GetFileType
GetStartupInfoW
CreateFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetProcessHeap
FlushFileBuffers
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
SetStdHandle
MultiByteToWideChar
SetEndOfFile
ReadFile
ReadConsoleW
SetFilePointerEx
RaiseException
ExitProcess
GetModuleHandleExW
GetStringTypeW
WriteConsoleW
HeapSize
HeapReAlloc
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
InterlockedFlushSList
RtlUnwind
QueryPerformanceFrequency
FindClose
FindFirstFileExA
FindNextFileA
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer

Exports

Exports

CkfBV22k0
DllRegisterServer
GVD330h
Kub25
ULWy4L
Yqd52Ulj

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 207KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ddf796fbf0a1e8bf0adc48ffaf9e2dca

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 90KB - Virtual size: 90KB

.rdata Size: 232KB - Virtual size: 232KB

.data Size: 207KB - Virtual size: 212KB

.gfids Size: 512B - Virtual size: 168B

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 232KB - Virtual size: 232KB

.data
Size: 207KB - Virtual size: 212KB

.gfids
Size: 512B - Virtual size: 168B

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 7KB - Virtual size: 6KB