3f51e5837d26efa39e5c8aca7e5e8488f079a29d09d7996423351db5147d06c5

Sharing

Copy URL Twitter E-mail

General

Target

3f51e5837d26efa39e5c8aca7e5e8488f079a29d09d7996423351db5147d06c5
Size

87KB
MD5

8eda7f89cea8aece4e06fea6a60df9d0
SHA1

038d9f0e8d9e409902f82f3b105f6b0a2b142f3d
SHA256

3f51e5837d26efa39e5c8aca7e5e8488f079a29d09d7996423351db5147d06c5
SHA512

7ed40a1a877e6d680f5f3dcf333ba645b64a5ed807ca66f58fb969c2c0208e36a4030d7a1b41f112f802a0f32ca460c5e4f03f1ee2983d7430f518fab2cc2dec
SSDEEP

768:IURjWPlrlGYQ6YMTeCqk8I6QlWAgTeIF73xFemUOqKOf8:18pnQ6tT5gFAj4xY7f8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f51e5837d26efa39e5c8aca7e5e8488f079a29d09d7996423351db5147d06c5

Files

3f51e5837d26efa39e5c8aca7e5e8488f079a29d09d7996423351db5147d06c5
.dll windows:4 windows x64 arch:x64

65c99c45fb4d4e7d686ce801adca9d85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
DisableThreadLibraryCalls
GetExitCodeThread
GetModuleHandleW
GetProcAddress
GetTickCount
HeapAlloc
HeapFree
HeapReAlloc
IsBadStringPtrW
MultiByteToWideChar
SetThreadPriority
Sleep
WaitForSingleObject

ntdll

_vsnprintf

ucrtbase

__acrt_iob_func
__stdio_common_vsprintf
_strdup
free
fwrite
getenv
memcmp
memmove
strchr
strcmp
strcspn
strlen

user32

MessageBoxA

winmm

DefDriverProc
mciDriverNotify
mciGetDriverData
mciSetDriverData
midiOutClose
midiOutGetNumDevs
midiOutOpen
midiOutReset
midiOutShortMsg
mmioClose
mmioDescend
mmioOpenW
mmioRead
mmioSeek

Exports

Exports

DriverProc

Sections

.text
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 320B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 575B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65c99c45fb4d4e7d686ce801adca9d85

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

ucrtbase

user32

winmm

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 112B

.rodata Size: 4KB - Virtual size: 12B

.rdata Size: 8KB - Virtual size: 5KB

.pdata Size: 4KB - Virtual size: 396B

.xdata Size: 4KB - Virtual size: 412B

.bss Size: - Virtual size: 320B

.edata Size: 4KB - Virtual size: 575B

.idata Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 48B

.text
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 112B

.rodata
Size: 4KB - Virtual size: 12B

.rdata
Size: 8KB - Virtual size: 5KB

.pdata
Size: 4KB - Virtual size: 396B

.xdata
Size: 4KB - Virtual size: 412B

.bss
Size: - Virtual size: 320B

.edata
Size: 4KB - Virtual size: 575B

.idata
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 48B