7ebe40664ca74598d35381df64498d56488f07ae4bec54be8d711ba6b326d878

Sharing

Copy URL Twitter E-mail

General

Target

7ebe40664ca74598d35381df64498d56488f07ae4bec54be8d711ba6b326d878
Size

159KB
MD5

5c494e2527f9347ebc8ab3608994780a
SHA1

c410d1143f936fbe095902f025e65872be229205
SHA256

7ebe40664ca74598d35381df64498d56488f07ae4bec54be8d711ba6b326d878
SHA512

6d99e017c576110c1466538921907e0a2273cc03d5394b6e6585d0683f040059e0f17a37323abf76c21e9b73ad9adf275a338ae61e6e744f4542f69be14fd868
SSDEEP

3072:2JDwuhb2j0GwaWhRA2y4cJ+KpXKpeBDT0SzOqHxqOtGrC2kPuHfdIavxAQXN33d:mDwuhyj0GAhS2yXBKyT0SzOqHxqOt90j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ebe40664ca74598d35381df64498d56488f07ae4bec54be8d711ba6b326d878

Files

7ebe40664ca74598d35381df64498d56488f07ae4bec54be8d711ba6b326d878
.dll windows:5 windows x86 arch:x86

814c0a8e80be47e86fa1f8ecb2bc206b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

WSAGetLastError
WSACleanup
WSAStartup
socket
sendto
select
recvfrom
inet_addr
htons
ioctlsocket
closesocket
__WSAFDIsSet

kernel32

WriteConsoleW
SetFilePointerEx
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedDecrement
lstrlenA
lstrlenW
MultiByteToWideChar
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
DebugBreak
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringW
CreateThread
TerminateThread
ResumeThread
SetEvent
ResetEvent
WaitForSingleObject
WaitForMultipleObjects
CloseHandle
CreateEventW
WriteFile
GetModuleFileNameW
CreateFileW
WideCharToMultiByte
CreateWaitableTimerW
SetWaitableTimer
CancelWaitableTimer
CreateSemaphoreW
GetModuleFileNameA
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
GetCommandLineW
FindNextFileA
FindFirstFileExA
FindClose
GetConsoleMode
GetConsoleCP
IsDebuggerPresent
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
InterlockedFlushSList
SetLastError
ExitProcess
GetModuleHandleExW
GetStringTypeW
GetACP
GetStdHandle
GetFileType
LCMapStringW

user32

CharNextW
LoadStringW
wsprintfW
CharUpperW
PostMessageW
SendMessageW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Exports

Exports

LSG606_GetLibVersion
LSG606_Open
PLUG_GetLink

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

814c0a8e80be47e86fa1f8ecb2bc206b

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

version

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 3KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 236B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 3KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 236B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB