fd3eb550bf5752073042bd445ed7886b0b09451456914edac5e483be07d3e710

Sharing

Copy URL Twitter E-mail

General

Target

fd3eb550bf5752073042bd445ed7886b0b09451456914edac5e483be07d3e710
Size

79KB
MD5

c508c439c734a0b593fab39ab43a5c8a
SHA1

de1eb4d882faf3fe2ab304aa28110fceb86b3ba0
SHA256

fd3eb550bf5752073042bd445ed7886b0b09451456914edac5e483be07d3e710
SHA512

c88a0f950d53a62452b550ae92c234bf919438e16a3ba56568a7062b141b5ac3b08398acb3b4a8abafce25db9f97895f099e302e1bdcfaa972369dfc14f594a2
SSDEEP

1536:tsaxCFb+CV8vPWp/wWPbV/HOdtG2ZXpsWWacdyIwbMn2BDy/:ts/b7CnWp/wwV/Hi1iylM21y/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd3eb550bf5752073042bd445ed7886b0b09451456914edac5e483be07d3e710

Files

fd3eb550bf5752073042bd445ed7886b0b09451456914edac5e483be07d3e710
.dll windows:6 windows x86 arch:x86

4ba57bf39dc97a19be6b79a976f9efcb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DrawLine.pdb

Imports

kernel32

CompareStringW
SetLastError
EnterCriticalSection
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
GetCurrentThread
LoadLibraryW
GetProcAddress
DeleteCriticalSection
LCMapStringW
GetModuleHandleW
GetThreadTimes
VirtualQuery
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
RtlUnwind
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RaiseException
ExitProcess
HeapFree
HeapAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileW
WriteConsoleW

Exports

Exports

GetGlobalInfoW
GetPluginInfoW
OpenW
SetStartupInfoW

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ba57bf39dc97a19be6b79a976f9efcb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 4KB - Virtual size: 4KB