939d031a5dfda100c8592ac51e2befede35f197db5bc8f69b98d61ecc3b89236

Sharing

Copy URL

Twitter E-mail

General

Target

939d031a5dfda100c8592ac51e2befede35f197db5bc8f69b98d61ecc3b89236
Size

105KB
MD5

177857e581500da2eb76679daa8e394f
SHA1

36e5fe9a8833f24a60f568b53a0ae50e1215668b
SHA256

939d031a5dfda100c8592ac51e2befede35f197db5bc8f69b98d61ecc3b89236
SHA512

340374cadf49533c4029baefa47a0ccff93cca989429c6589423cfb0704ec1719013bbeca9baed43e6d2a394537a6541da04e1ff36c383985dcd6ccd6f216e24
SSDEEP

3072:NyE9embY+gYbm9ZS1LBomVzjrbsEzATo1pdGndzk:NyW+rvIvVkxk1n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
939d031a5dfda100c8592ac51e2befede35f197db5bc8f69b98d61ecc3b89236

Files

939d031a5dfda100c8592ac51e2befede35f197db5bc8f69b98d61ecc3b89236
.dll windows:4 windows x86 arch:x86

2a5c9a8ac61a04fa523269d51e98ebcb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetModuleHandleA
GetModuleFileNameA
LocalAlloc
SetUnhandledExceptionFilter
GetLocaleInfoA
lstrcpyW
lstrcatW
GetLocalTime
UnhandledExceptionFilter
FindResourceW
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStringTypeA
LCMapStringW
LCMapStringA
LoadResource
SizeofResource
lstrlenA
FreeLibrary
lstrcpynW
GetCommandLineA
lstrcmpiW
lstrlenW
VirtualProtect
GetCurrentProcess
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
HeapAlloc
HeapFree
RtlUnwind
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
GetCPInfo
GetStringTypeW

user32

LoadStringW
CharNextW

advapi32

RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyA
RegSetValueA
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a5c9a8ac61a04fa523269d51e98ebcb

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 44KB - Virtual size: 79KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 44KB - Virtual size: 79KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 3KB - Virtual size: 3KB