345da86c58acf49ebe5f565f2f3e904df80678dda0de8bb2e207c91fc338945c

Sharing

Copy URL Twitter E-mail

General

Target

345da86c58acf49ebe5f565f2f3e904df80678dda0de8bb2e207c91fc338945c
Size

12.9MB
MD5

0f962c8fccb8c47a78fb1e1fdabdd67d
SHA1

691deffa2ea29e5ecac0b856515d22be73597ef8
SHA256

345da86c58acf49ebe5f565f2f3e904df80678dda0de8bb2e207c91fc338945c
SHA512

1ee787080c51e17dc92aef40d3d95c052e81ca78c2359085226938485de7e8e13f30d3be977a9abb77d3a0268a534fad1a077bb1c6f9f81db8f977443900f876
SSDEEP

196608:6x03OjYgd1t1ofGByN4NEedV8NUL3U7N4rgMHDBlinvA2cmEmusuIxSm:663Nq7kfe5Tc4rgMjBov/l3uh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
345da86c58acf49ebe5f565f2f3e904df80678dda0de8bb2e207c91fc338945c

Files

345da86c58acf49ebe5f565f2f3e904df80678dda0de8bb2e207c91fc338945c
.exe windows:6 windows x64 arch:x64

cb4d66fad8008b23e175ad6636e27159

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

d3d11

D3D11CreateDeviceAndSwapChain

d3dcompiler_43

D3DCompile

wininet

HttpQueryInfoA

kernel32

FreeLibrary
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

FindWindowA

advapi32

CreateServiceA

imm32

ImmSetCompositionWindow

d3dx11_43

D3DX11CreateShaderResourceViewFromMemory

Sections

.text
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12.9MB - Virtual size: 12.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb4d66fad8008b23e175ad6636e27159

Headers

DLL Characteristics

File Characteristics

Imports

d3d11

d3dcompiler_43

wininet

kernel32

user32

advapi32

imm32

d3dx11_43

Sections

.text Size: - Virtual size: 1.1MB

.rdata Size: - Virtual size: 307KB

.data Size: - Virtual size: 166KB

.pdata Size: - Virtual size: 50KB

Size: - Virtual size: 8.5MB

Size: 3KB - Virtual size: 3KB

Size: 12.9MB - Virtual size: 12.9MB

.reloc Size: 512B - Virtual size: 284B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: - Virtual size: 1.1MB

.rdata
Size: - Virtual size: 307KB

.data
Size: - Virtual size: 166KB

.pdata
Size: - Virtual size: 50KB

.reloc
Size: 512B - Virtual size: 284B

.rsrc
Size: 512B - Virtual size: 480B