169de41d3e0c8c8e71cf2daab5ca77bf8c9c8c02cbf28b662434d692245a2ef2

Sharing

Copy URL

Twitter E-mail

General

Target

169de41d3e0c8c8e71cf2daab5ca77bf8c9c8c02cbf28b662434d692245a2ef2
Size

355KB
MD5

23a8c264b1536f02d8ab012118ec7f05
SHA1

97fb61945a682f6c51182b3117e57b302066aca7
SHA256

169de41d3e0c8c8e71cf2daab5ca77bf8c9c8c02cbf28b662434d692245a2ef2
SHA512

2abd8aeada3167a5e391e7d6cea7926b99933c3cb6c534e886ecaa05cd3fc9b400e105e1516cb2f7039e944ba33d8ad40ca36b1362debe0824bd8de96f626920
SSDEEP

6144:wprmdD/6r4T3XaGUp/axX0CcN6vpRohcXg0Ybd:wpreL6r4T3Kf/yX5pRoe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
169de41d3e0c8c8e71cf2daab5ca77bf8c9c8c02cbf28b662434d692245a2ef2

Files

169de41d3e0c8c8e71cf2daab5ca77bf8c9c8c02cbf28b662434d692245a2ef2
.dll windows:6 windows x64 arch:x64

19aa058cc80b70d3f2dc9262cd974f6a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Bamboo\home\xml-data\build-dir\CST-DLIN-SOURCES\bin\x64\ReleaseMT\log.pdb

Imports

kernel32

GetCurrentThreadId
GetProcAddress
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
MultiByteToWideChar
LoadLibraryW
FreeLibrary
GetModuleFileNameW
FindResourceExW
FindResourceW
SizeofResource
LoadResource
LockResource
ExpandEnvironmentStringsW
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
GetCurrentProcessId
GetTickCount
GetShortPathNameW
CreateDirectoryW
GetLastError
GetSystemTime
SystemTimeToFileTime
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
SetEvent
WaitForSingleObject
CloseHandle
ResetEvent
CreateThread
CreateEventW
CreateFileW
WaitForMultipleObjects
Sleep
OutputDebugStringW
GetFileSizeEx
WriteFile
SetFilePointerEx
MoveFileW
RaiseException
InitializeCriticalSectionEx
DecodePointer
WriteConsoleW
SetEndOfFile
GetConsoleOutputCP
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetStringTypeW
WideCharToMultiByte
EncodePointer
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
GetTimeZoneInformation
ReadFile
FlushFileBuffers
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetConsoleMode
ReadConsoleW
SetStdHandle
HeapReAlloc
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

user32

PostThreadMessageW
PeekMessageW

shell32

SHGetFolderPathW

Exports

Exports

LogApplySettings
LogDeinit
LogEnable
LogGetLevel
LogInit
LogIsEnabled
LogMonitorSettings
LogRemoveModule
LogSetDepth
LogSetLevel
LogSetMaxSize
LogSetMode
LogSetPath
LogSetSettingsFile
LogSetType
LogTrackEvent
LogTrackEventData
LogUninitMetrics
LogWrite
LogWrite2

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19aa058cc80b70d3f2dc9262cd974f6a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 236KB - Virtual size: 236KB

.rdata Size: 91KB - Virtual size: 90KB

.data Size: 9KB - Virtual size: 15KB

.pdata Size: 12KB - Virtual size: 12KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 236KB - Virtual size: 236KB

.rdata
Size: 91KB - Virtual size: 90KB

.data
Size: 9KB - Virtual size: 15KB

.pdata
Size: 12KB - Virtual size: 12KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB