5295c664b5c5c90f70a0bb28ddd30bb54460fc7d4d8cca5faac670f51e2d4c91

General

Target

5295c664b5c5c90f70a0bb28ddd30bb54460fc7d4d8cca5faac670f51e2d4c91
Size

1.8MB
MD5

457e87ffcec6e9a7aafef6da037e10bb
SHA1

38f061ab8118098a72fb42878f56329827bf73c2
SHA256

5295c664b5c5c90f70a0bb28ddd30bb54460fc7d4d8cca5faac670f51e2d4c91
SHA512

30e500d87ee251ab27e39b1139b74a6f2ae8c8972ee87d50e83639681939bb480b858709dad69fa6415d6c2a0065784cb9fd410fa3a3ca0bfe2177af26984b8b
SSDEEP

24576:NMPD+QiNWFFvaxuW2Eez4W0hZuzix1BMkkt0QdQezjvFmNm7Wmk1Mny9F9SV:WL3ih4W2kZ/1W+QdJjLs1FcV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5295c664b5c5c90f70a0bb28ddd30bb54460fc7d4d8cca5faac670f51e2d4c91

Files

5295c664b5c5c90f70a0bb28ddd30bb54460fc7d4d8cca5faac670f51e2d4c91
.dll windows:5 windows x86 arch:x86

41df5ae8b645fb87b8d4a56468358e53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
SetPriorityClass
GetStringTypeA
AreFileApisANSI
GetModuleHandleW
OutputDebugStringA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError
CompareStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
ExitProcess
GetLocaleInfoA
HeapAlloc
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind

mprapi

MprAdminInterfaceTransportGetInfo

gdi32

SetDCPenColor

oleaut32

GetRecordInfoFromGuids

user32

ToAscii
SetForegroundWindow

Exports

Exports

AwcdthodsHlu

Sections

.text
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 828KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41df5ae8b645fb87b8d4a56468358e53

Headers

File Characteristics

Imports

kernel32

mprapi

gdi32

oleaut32

user32

Exports

Exports

Sections

.text Size: 944KB - Virtual size: 943KB

.rdata Size: 828KB - Virtual size: 827KB

.data Size: 64KB - Virtual size: 64KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 944KB - Virtual size: 943KB

.rdata
Size: 828KB - Virtual size: 827KB

.data
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 36KB - Virtual size: 35KB