348bc01c6f9657e3dd398d492a092210d3398fba1828ec6f288275279d1d6486

Sharing

Copy URL Twitter E-mail

General

Target

348bc01c6f9657e3dd398d492a092210d3398fba1828ec6f288275279d1d6486
Size

852KB
MD5

b67ae91d49c2f6cd6ca6584888f1cb12
SHA1

34668a95bc4efce80537816a4e344fa44fee9dc9
SHA256

348bc01c6f9657e3dd398d492a092210d3398fba1828ec6f288275279d1d6486
SHA512

4844d3f86314a45d2f7c84ff4de24e15b9400c4cb45e71d5b2087e6c92a5f9f19f4bf86f2c6ae7438a5d4f5c827b10ea9879d22c449ca24b60599f45ee753602
SSDEEP

24576:qYRrtF92U8NMiTVtuKLy6SBX31CPYFNOd5qVil4UL4Z8nS3IOban5BsnPP71DGQm:vRrtF0U8NMiTVtuKLyHBX31CPYFNOd5v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
348bc01c6f9657e3dd398d492a092210d3398fba1828ec6f288275279d1d6486

Files

348bc01c6f9657e3dd398d492a092210d3398fba1828ec6f288275279d1d6486
.dll windows:4 windows x64 arch:x64

ad1f6d11f0122ab062e91319f52ceeab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
Sleep
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_amsg_exit
_errno
_filelengthi64
_fileno
_initterm
_localtime64
_lock
_setmode
_unlock
_wfopen
abort
calloc
clearerr
exit
fclose
ferror
fflush
fgetc
fgetpos
fputc
fread
free
fsetpos
fwrite
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
realloc
setvbuf
signal
strerror
strlen
strncmp
ungetc
vfprintf
wcschr
wcslen

user32

MessageBoxA

libgcc_s_seh-1

__emutls_get_address

Exports

Exports

NimMain
Update

Sections

.text
Size: 660KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad1f6d11f0122ab062e91319f52ceeab

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

libgcc_s_seh-1

Exports

Exports

Sections

.text Size: 660KB - Virtual size: 659KB

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 147KB - Virtual size: 147KB

.pdata Size: 15KB - Virtual size: 15KB

.xdata Size: 18KB - Virtual size: 18KB

.bss Size: - Virtual size: 5KB

.edata Size: 512B - Virtual size: 88B

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 660KB - Virtual size: 659KB

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 147KB - Virtual size: 147KB

.pdata
Size: 15KB - Virtual size: 15KB

.xdata
Size: 18KB - Virtual size: 18KB

.bss
Size: - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 88B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 2KB - Virtual size: 2KB