8622769f42002c0f6dec068eb9fb0d2db6f10d6e8698bbe6f30e4b594d2e4510

Sharing

Copy URL

Twitter E-mail

General

Target

8622769f42002c0f6dec068eb9fb0d2db6f10d6e8698bbe6f30e4b594d2e4510
Size

345KB
MD5

f0dcd38d85aa21e50b1e5c07a4175a31
SHA1

a486bc708fa0dcbb11c95a6903e1194b245c07f9
SHA256

8622769f42002c0f6dec068eb9fb0d2db6f10d6e8698bbe6f30e4b594d2e4510
SHA512

8b3c402390a755d8089fa965f87ba9a77859430ca8362b442d2c24d23236d50dbc9044e2ac2afa4c44c5a8f73ce3acdc018de011c1c4f461c8c2f4dacd7b3345
SSDEEP

6144:s3NhGwZlENTbznrYNZOjqwkDihpwlsNo:s3Nhz/EFbznr2Z9wSli

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8622769f42002c0f6dec068eb9fb0d2db6f10d6e8698bbe6f30e4b594d2e4510

Files

8622769f42002c0f6dec068eb9fb0d2db6f10d6e8698bbe6f30e4b594d2e4510
.dll windows:10 windows x86 arch:x86

32d5257054cacf9280638056421d1c9e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msclmd.pdb

Imports

msvcrt

swscanf_s
_stricmp
sscanf_s
memcpy
_vsnwprintf
_XcptFilter
_amsg_exit
malloc
_initterm
_except_handler4_common
_vsnprintf
free
memset

winscard

SCardControl
SCardWriteCacheW
SCardStatusW
SCardGetStatusChangeW
g_rgSCardT1Pci
SCardReadCacheW
SCardTransmit
g_rgSCardT0Pci
SCardFreeMemory

kernel32

HeapAlloc
QueryPerformanceCounter
HeapFree
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
LocalFree
GetLastError
RaiseException
GetCurrentThreadId
GetProcessHeap

advapi32

RegGetValueW
SystemFunction036
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
GetTraceLoggerHandle
TraceMessage

crypt32

CryptDecodeObject
CertFreeCertificateContext
CryptEncodeObjectEx
CertCreateCertificateContext

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

user32

IsWindow

bcrypt

BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptDestroyKey
BCryptEncrypt
BCryptGenerateSymmetricKey

Exports

Exports

CardAcquireContext
CardAcquireContextInternal

Sections

.text
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32d5257054cacf9280638056421d1c9e

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

winscard

kernel32

advapi32

crypt32

rpcrt4

user32

bcrypt

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 188KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 151KB - Virtual size: 151KB

.text
Size: 188KB - Virtual size: 188KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 151KB - Virtual size: 151KB