3be07c1b2edf5a1723ef1e120d95d67d4e438e326eae694cad1eb655f01a69f7

Sharing

Copy URL Twitter E-mail

General

Target

3be07c1b2edf5a1723ef1e120d95d67d4e438e326eae694cad1eb655f01a69f7
Size

343KB
MD5

409ae613933f772fa5ff635f0857d3d8
SHA1

6fa34a1ebf62569ffdbf93849b79e7c66a7422d4
SHA256

3be07c1b2edf5a1723ef1e120d95d67d4e438e326eae694cad1eb655f01a69f7
SHA512

1064a1732cee2190c30d972e0794b2c9fee0be32f3c8d7153b587776cc19d03278a5cfa2ae40a585b8b067bb6d5a159806211018ae8349d0832156781d26a585
SSDEEP

6144:xuAMR5iuqGvkTMkfwZO6mFFAZzHx3RT/Fl9+ihpzJX15:xuzR5iJGvkTMkfw9mFmBHx3l/FlvJl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be07c1b2edf5a1723ef1e120d95d67d4e438e326eae694cad1eb655f01a69f7

Files

3be07c1b2edf5a1723ef1e120d95d67d4e438e326eae694cad1eb655f01a69f7
.dll windows:10 windows x86 arch:x86

1f9d9c382dcad1e7cab0f38def9fd398

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msclmd.pdb

Imports

msvcrt

swscanf_s
memcpy
_vsnwprintf
sscanf_s
_XcptFilter
_except_handler4_common
free
malloc
_initterm
_stricmp
_vsnprintf
_amsg_exit
memset

winscard

SCardWriteCacheW
SCardStatusW
g_rgSCardT1Pci
SCardControl
SCardReadCacheW
SCardFreeMemory
SCardTransmit
g_rgSCardT0Pci
SCardGetStatusChangeW

kernel32

HeapAlloc
QueryPerformanceCounter
HeapFree
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
LocalFree
GetLastError
GetCurrentThreadId
RaiseException
GetProcessHeap

advapi32

RegGetValueW
SystemFunction036
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
GetTraceLoggerHandle
TraceMessage

crypt32

CryptDecodeObject
CertFreeCertificateContext
CryptEncodeObjectEx
CertCreateCertificateContext

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

user32

IsWindow

bcrypt

BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptDestroyKey
BCryptEncrypt
BCryptGenerateSymmetricKey

Exports

Exports

CardAcquireContext
CardAcquireContextInternal

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f9d9c382dcad1e7cab0f38def9fd398

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

winscard

kernel32

advapi32

crypt32

rpcrt4

user32

bcrypt

Exports

Exports

Sections

.text Size: 186KB - Virtual size: 186KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 151KB - Virtual size: 151KB

.text
Size: 186KB - Virtual size: 186KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 151KB - Virtual size: 151KB