9dc95bcf561414c99634992ed2aedb351f91eec5a185c36b72b7a2f179201cdc

Sharing

Copy URL Twitter E-mail

General

Target

9dc95bcf561414c99634992ed2aedb351f91eec5a185c36b72b7a2f179201cdc
Size

405KB
MD5

431bbec500b9a9934290dd73e87eba42
SHA1

2ff0911af97d2e6b8fd3d668827b4f365ff3e8c8
SHA256

9dc95bcf561414c99634992ed2aedb351f91eec5a185c36b72b7a2f179201cdc
SHA512

1d5c8568a076103916c595beef720998a4253647c474c358c85eb0e55c245a1ce5714ddc6c7e0e99d1f44b9255174e7dace4a711c235dae69bfc03d97d16e587
SSDEEP

6144:WOvG/HFsaSGA4jZ5ciSkfqTwAO+HdVoiG/:xvGfFbBA4jZK13wedVoiG/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9dc95bcf561414c99634992ed2aedb351f91eec5a185c36b72b7a2f179201cdc

Files

9dc95bcf561414c99634992ed2aedb351f91eec5a185c36b72b7a2f179201cdc
.dll windows:6 windows x86 arch:x86

6a8812df648ddcb3667297dad16ea29e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

CommandLineToArgvW

ole32

CoInitializeEx
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal

kernel32

EnterCriticalSection
LeaveCriticalSection
GetProcAddress
GetModuleHandleA
LocalFree
GetLocalTime
GetCommandLineW
GetSystemDirectoryW
GetVolumeInformationW
GetComputerNameW
GetVersionExA
GetSystemDefaultLCID
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetCurrentDirectoryW
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
VirtualAlloc
VirtualFree
LoadLibraryA
DecodePointer
InterlockedDecrement
GlobalAlloc
GlobalFree
RaiseException
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
WideCharToMultiByte
ResetEvent
SetEvent
SetEndOfFile
HeapSize
FlushFileBuffers
CreateFileW
SetStdHandle
SetCurrentDirectoryW
DeleteCriticalSection
InitializeCriticalSection
CreateEventW
CloseHandle
GetLastError
SetThreadPriority
GetCurrentThread
InitializeSListHead
ReadConsoleW
GetProcessHeap
CreateThread
WaitForSingleObjectEx
OutputDebugStringW
InterlockedFlushSList
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetModuleFileNameW
ReadFile
GetStdHandle
GetFileType
WriteConsoleW
HeapFree
HeapAlloc
LCMapStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
GetStringTypeW
GetACP
HeapReAlloc
WriteFile
GetConsoleCP
GetConsoleMode
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointerEx

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit

advapi32

CryptHashData
CheckTokenMembership
FreeSid
AllocateAndInitializeSid
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
CryptDestroyHash
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextA

netapi32

NetUserGetInfo
NetApiBufferFree

Sections

.text
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a8812df648ddcb3667297dad16ea29e

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

kernel32

oleaut32

advapi32

netapi32

Sections

.text Size: 247KB - Virtual size: 247KB

.rdata Size: 73KB - Virtual size: 73KB

.data Size: 5KB - Virtual size: 22KB

.gfids Size: 512B - Virtual size: 496B

.tls Size: 512B - Virtual size: 9B

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 247KB - Virtual size: 247KB

.rdata
Size: 73KB - Virtual size: 73KB

.data
Size: 5KB - Virtual size: 22KB

.gfids
Size: 512B - Virtual size: 496B

.tls
Size: 512B - Virtual size: 9B

.reloc
Size: 11KB - Virtual size: 11KB