a5e09a062c52a839b4513faa9449bf13eaa3223807513007e46e3b6f5dce8f2a

Sharing

Copy URL Twitter E-mail

General

Target

a5e09a062c52a839b4513faa9449bf13eaa3223807513007e46e3b6f5dce8f2a
Size

1.2MB
MD5

63d825fee64f65f6168b9113e37a59e0
SHA1

bfb87adebd6e1af77372752c38703efcd9687726
SHA256

a5e09a062c52a839b4513faa9449bf13eaa3223807513007e46e3b6f5dce8f2a
SHA512

e7a4e30b979c00e17f8ddef27ed631688b4c813c01becea28002185ccea76836b981c7fabda00de121adebc9b29b0b6db8c16919244973e050c12c89968944f9
SSDEEP

24576:79B/D4ANS6guGJyYQwOGbRCVV+peJYm3nYnXXZK50ILm:hBL4A8PZbRCy4Ym8ZK50ILm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5e09a062c52a839b4513faa9449bf13eaa3223807513007e46e3b6f5dce8f2a

Files

a5e09a062c52a839b4513faa9449bf13eaa3223807513007e46e3b6f5dce8f2a
.dll windows:6 windows x86 arch:x86

c3a2cf63c35217f5f351e5fa4b8df1b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocString
SysAllocStringLen
VariantClear
VariantCopy
SysFreeString
SysAllocStringByteLen
SysStringLen

user32

CharPrevExA
CharUpperW

kernel32

SetEvent
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
HeapSize
GetLastError
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
CloseHandle
SetLastError
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetModuleHandleW
GetProcAddress
FindClose
FindNextFileW
GetModuleHandleA
WriteFile
CompareFileTime
GetCurrentProcess
GetSystemInfo
GlobalMemoryStatus
GetProcessAffinityMask
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
EnterCriticalSection
LeaveCriticalSection
WaitForMultipleObjects
LocalFileTimeToFileTime
GetVersionExW
DeleteCriticalSection
FileTimeToLocalFileTime
GetOEMCP
QueryPerformanceCounter
FreeLibrary
LoadLibraryW
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
InitializeCriticalSection
DecodePointer
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
ResumeThread
SetThreadAffinityMask
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
TerminateProcess
GetStringTypeW
RaiseException
RtlUnwind
InterlockedFlushSList
EncodePointer
VirtualQuery
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleFileNameW
HeapFree
HeapAlloc
HeapReAlloc
LCMapStringW
FindFirstFileExW
IsValidCodePage
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
GetFileType

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 938KB - Virtual size: 938KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3a2cf63c35217f5f351e5fa4b8df1b4

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

user32

kernel32

Exports

Exports

Sections

.text Size: 938KB - Virtual size: 938KB

.rdata Size: 150KB - Virtual size: 150KB

.data Size: 3KB - Virtual size: 39KB

.rsrc Size: 95KB - Virtual size: 94KB

.reloc Size: 39KB - Virtual size: 38KB

.text
Size: 938KB - Virtual size: 938KB

.rdata
Size: 150KB - Virtual size: 150KB

.data
Size: 3KB - Virtual size: 39KB

.rsrc
Size: 95KB - Virtual size: 94KB

.reloc
Size: 39KB - Virtual size: 38KB