2797b1bf59b9011e565aa0d8b382d3e90a666bd46f19aedd6f1b68295dd5d21b

General

Target

2797b1bf59b9011e565aa0d8b382d3e90a666bd46f19aedd6f1b68295dd5d21b
Size

2.4MB
MD5

598b55a2ecfdff11e4d6214abb4384ba
SHA1

7158f6d1ed2ce3a199ae75e94279376be1f0c8cc
SHA256

2797b1bf59b9011e565aa0d8b382d3e90a666bd46f19aedd6f1b68295dd5d21b
SHA512

6ef5c3fbd56de088aff5e86ae7670056bfc60df82a9b993eb9ba42e64a52efa2a32c195eeb203290fb9660b4efe84d109b2c9f57d8120814bba9caddf71c319b
SSDEEP

49152:AoQIK3/qgRy9uWCzkL2B0pL3YfnJ0eXD1MMnoMSFYzy6JEec7CI6ttSN:AoKShgLAySlYfn/ZA4u6yeDIjN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2797b1bf59b9011e565aa0d8b382d3e90a666bd46f19aedd6f1b68295dd5d21b

Files

2797b1bf59b9011e565aa0d8b382d3e90a666bd46f19aedd6f1b68295dd5d21b
.dll windows:5 windows x86 arch:x86

8f58bb7083ea06c9b0b76ac534b832b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mprapi

MprAdminInterfaceCreate

oleaut32

GetRecordInfoFromGuids

user32

EnableScrollBar
SetForegroundWindow

kernel32

GetModuleHandleA
GetStringTypeA
GetModuleHandleW
AreFileApisANSI
SetPriorityClass
OutputDebugStringA
LeaveCriticalSection
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError
CompareStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeW
EnterCriticalSection
HeapFree
Sleep
ExitProcess
GetLocaleInfoA
HeapAlloc
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind

gdi32

SetDCPenColor

Exports

Exports

AwcdthodsHlu

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 108KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8f58bb7083ea06c9b0b76ac534b832b8

Headers

File Characteristics

Imports

mprapi

oleaut32

user32

kernel32

gdi32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 1.1MB - Virtual size: 1.1MB

.data Size: 104KB - Virtual size: 108KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 60KB - Virtual size: 57KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 1.1MB - Virtual size: 1.1MB

.data
Size: 104KB - Virtual size: 108KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 60KB - Virtual size: 57KB