66e99fe0f759d1b39d9c701a1b22b6dd4ef41e74d2c8d113d52c048e2eb86165

Sharing

Copy URL Twitter E-mail

General

Target

66e99fe0f759d1b39d9c701a1b22b6dd4ef41e74d2c8d113d52c048e2eb86165
Size

16KB
MD5

5e8418fd2f807aab82ac4d9f2d032a5a
SHA1

7c5bf67cf138e9b9c2c30cf413b86dd5dfd1ca7b
SHA256

66e99fe0f759d1b39d9c701a1b22b6dd4ef41e74d2c8d113d52c048e2eb86165
SHA512

df2373b4df972c2dc3b11538665fa0be21454b0704a0baef6950fd06649b59985f69bace5080ee813710c1042f34d245ad649ffe62b7e30c30ce697444b8f66d
SSDEEP

192:9Jl2yvwhsFHS7SHHvgcBBBW57d5jKpIPfG3TGZgdUXgzm3fUYLT3Fx:9326FHsSHH4UvE7CkfG3TwwWTL7Fx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e99fe0f759d1b39d9c701a1b22b6dd4ef41e74d2c8d113d52c048e2eb86165

Files

66e99fe0f759d1b39d9c701a1b22b6dd4ef41e74d2c8d113d52c048e2eb86165
.dll windows:4 windows x64 arch:x64

5e31502d16d750dafd479730525144ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
memcpy
memset
realloc
strlen
strncmp
vfprintf

Exports

Exports

sqlite3_stmt_init

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 77B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e31502d16d750dafd479730525144ed

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 320B

.rdata Size: 2KB - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 600B

.xdata Size: 512B - Virtual size: 452B

.bss Size: - Virtual size: 272B

.edata Size: 512B - Virtual size: 77B

.idata Size: 1024B - Virtual size: 932B

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 116B

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 320B

.rdata
Size: 2KB - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 600B

.xdata
Size: 512B - Virtual size: 452B

.bss
Size: - Virtual size: 272B

.edata
Size: 512B - Virtual size: 77B

.idata
Size: 1024B - Virtual size: 932B

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 116B