4e8f8c8c71c61766c86beb438e563324ab9aea6ae07118bd6b497f5cf574d8fa

Sharing

Copy URL Twitter E-mail

General

Target

4e8f8c8c71c61766c86beb438e563324ab9aea6ae07118bd6b497f5cf574d8fa
Size

588KB
MD5

fcf59655d6b9dfd4148692ad3872d3cc
SHA1

b1f69e2cd8a0f74f7cb653d4399604bc9e980d78
SHA256

4e8f8c8c71c61766c86beb438e563324ab9aea6ae07118bd6b497f5cf574d8fa
SHA512

728c17adf2c17e1316b6b90da4f3f851140e2038ef96567f1efbeacc0034f944d248dbfe93ff1b914b9b2ea34b242360e4dde4e2b33d62c887a3b1bbd85c261d
SSDEEP

12288:kgeB63+8s3nC/cSxxKhVR6pOcEy+TGkAuekK:de6Ns3nC/cSxxKfROx+Tr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e8f8c8c71c61766c86beb438e563324ab9aea6ae07118bd6b497f5cf574d8fa

Files

4e8f8c8c71c61766c86beb438e563324ab9aea6ae07118bd6b497f5cf574d8fa
.dll windows:4 windows x86 arch:x86

28502231560b1e21ba17fe42b3dec62b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

t:\ace\x86\ship\0\aceoledb.pdb

Imports

ole32

StringFromGUID2
CoCreateInstance
CoGetMalloc
CoCreateGuid

msvcr80

__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_except_handler4_common
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
?terminate@@YAXXZ
_decode_pointer
_onexit
_lock
__dllonexit
_encode_pointer
_unlock
fopen_s
fwprintf_s
fclose
vsprintf_s
wcscpy_s
vswprintf_s
wcsrchr
_time64
srand
calloc
rand
_vsnwprintf
_stricmp
_wassert
_wcsicmp
realloc
malloc
free
__CxxFrameHandler3
memcpy
memset

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
HeapAlloc
HeapFree
GetTempPathA
GetTempFileNameA
CreateProcessA
CloseHandle
GetProcessHeap
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualProtect
LoadLibraryA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
FreeLibrary
RaiseException
LoadLibraryExW
GetModuleHandleW
LocalAlloc
LoadLibraryW
GetSystemDirectoryW

user32

DialogBoxParamA
GetWindowLongA
EndDialog
GetDlgItem
GetWindowTextW
SendMessageA
SetWindowLongA
SetWindowTextA
SetWindowTextW
GetParent
GetWindowRect
GetDesktopWindow
GetSystemMetrics
MoveWindow
GetWindowTextA

advapi32

RegQueryValueExW
RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegOpenKeyExA

oleaut32

SetErrorInfo
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
VariantCopy
VariantInit
GetErrorInfo
SysStringByteLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain

Sections

.text
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

28502231560b1e21ba17fe42b3dec62b

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ole32

msvcr80

kernel32

user32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 259KB

.rdata Size: 76KB - Virtual size: 74KB

.data Size: 12KB - Virtual size: 9KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 232KB - Virtual size: 232KB

.text
Size: 260KB - Virtual size: 259KB

.rdata
Size: 76KB - Virtual size: 74KB

.data
Size: 12KB - Virtual size: 9KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 232KB - Virtual size: 232KB