6c7d0aad57d3a3806a60f26d832503a528c49c6fa95540e3fb5b2f198597ead2

Sharing

Copy URL Twitter E-mail

General

Target

6c7d0aad57d3a3806a60f26d832503a528c49c6fa95540e3fb5b2f198597ead2
Size

3.2MB
MD5

168ed3c7fee4c73b9d986cc50e86d725
SHA1

62a81fddfd150af15ae595bb93495d7cba5add48
SHA256

6c7d0aad57d3a3806a60f26d832503a528c49c6fa95540e3fb5b2f198597ead2
SHA512

5e96ebcd863e999a75140385742a476bdf9291eec3fa96275ba483ef7582741f0173809dbe490d24fdf4a3069065cbade75c2000819c23226eb3cb85790fd69b
SSDEEP

98304:PTIVQDqvSbn+M84tRVYDudg5jBNPP5o5OvbsVnmiWN/:QQDqvSbn+M84tRVYDf5FNn5hd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c7d0aad57d3a3806a60f26d832503a528c49c6fa95540e3fb5b2f198597ead2

Files

6c7d0aad57d3a3806a60f26d832503a528c49c6fa95540e3fb5b2f198597ead2
.dll windows:5 windows x86 arch:x86

2fe278dfa562b899256ac9b8958d4707

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Microsoft.DirectX.Direct3DX.pdb

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
GetTempPathA
GetTempFileNameA
DeleteFileA
CloseHandle
ReadFile
CreateFileA
WriteFile
WideCharToMultiByte
GetVersionExA
OutputDebugStringA
IsDBCSLeadByte
GetProcAddress
LoadLibraryA
GetModuleHandleA
CompareStringA
SetLastError
SizeofResource
LockResource
LoadResource
FindResourceA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileW
DeleteFileW
SetFilePointer
GetSystemInfo
IsProcessorFeaturePresent
EnterCriticalSection
InitializeCriticalSection
InterlockedCompareExchange
DeleteCriticalSection
LeaveCriticalSection
GetFullPathNameA
lstrcmpiA
GetLastError
FindResourceW
MultiByteToWideChar
VirtualFree
VirtualAlloc
MoveFileA
MoveFileW
GetTempFileNameW
IsBadWritePtr
GlobalMemoryStatus
FreeLibrary
SetEndOfFile
ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
HeapFree
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FreeResource
DisableThreadLibraryCalls

mscoree

_CorDllMain

msvcrt

tolower
_purecall
_CIfmod
memmove
_stricmp
_CIasin
fclose
fwrite
fopen
_wfopen
__CxxFrameHandler
fread
floor
wcstombs
isalnum
isspace
atof
isalpha
isxdigit
toupper
_isnan
strchr
_fpclass
_CItanh
_CIsinh
_CIexp
_CIcosh
iswpunct
iswdigit
iswalpha
iswspace
modf
frexp
isdigit
longjmp
_setjmp3
sscanf
_strdate
_strtime
rand
_ultoa
atol
_except_handler3
exit
sprintf
_tempnam
?terminate@@YAXXZ
strncpy
wcsncpy
_CIpow
ceil
_controlfp
qsort
_vsnprintf
_finite
_CIacos
atoi
wcslen
setlocale
realloc
calloc
malloc
_onexit
__dllonexit
_adjust_fdiv
_initterm
free
memcmp
??3@YAXPAX@Z
??2@YAPAXI@Z
_strdup
ldexp
_CIsqrt

user32

ReleaseDC
GetDC

gdi32

CreateFontIndirectA
GetObjectA
GetCurrentObject
MoveToEx
ExtTextOutA
GetOutlineTextMetricsA
GetGlyphOutlineA
ExtTextOutW
CreateCompatibleDC
SelectObject
DeleteObject
SetMapMode
SetTextAlign
CreateFontIndirectW
GetFontLanguageInfo
GetTextMetricsW
SetBkMode
SetBkColor
SetTextColor
GetCharacterPlacementW
GetCharacterPlacementA
DeleteDC
CreateDIBSection
GetObjectW
GetTextMetricsA
GetGlyphOutlineW
GetDeviceCaps

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 513KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fe278dfa562b899256ac9b8958d4707

Headers

File Characteristics

PDB Paths

Imports

kernel32

mscoree

msvcrt

user32

gdi32

advapi32

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.data Size: 107KB - Virtual size: 360KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 513KB - Virtual size: 516KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.data
Size: 107KB - Virtual size: 360KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 513KB - Virtual size: 516KB