4361658e8abf834688f72220b5d806d209a3f2478e55553dad147f71cfe033a1

Sharing

Copy URL Twitter E-mail

General

Target

4361658e8abf834688f72220b5d806d209a3f2478e55553dad147f71cfe033a1
Size

648KB
MD5

12225c1dfaeee484a891fa417d6d4b82
SHA1

e5f2f161d3aa9a38d03b1d01ac0562876b95b2b5
SHA256

4361658e8abf834688f72220b5d806d209a3f2478e55553dad147f71cfe033a1
SHA512

e845b4d8b1fccb7eb903b9536f22f64ef5ef9770f0a085cced80367c4ea83a1371dd70b169862f489459c67785d46389c28a7b5154ecf0c8a7abdb67025a5641
SSDEEP

6144:vl4VuvBya2u+3I8JO2pGaKu69u69u69u69um:vl5ya2u+3tA2p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4361658e8abf834688f72220b5d806d209a3f2478e55553dad147f71cfe033a1

Files

4361658e8abf834688f72220b5d806d209a3f2478e55553dad147f71cfe033a1
.dll windows:5 windows x86 arch:x86

cead935cada99369067465bf2d4ab071

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ntohl
htons
htonl

kernel32

ReleaseSemaphore
CreateSemaphoreA
Sleep
WaitForSingleObject
InitializeCriticalSection
WaitForSingleObjectEx
TerminateThread
CreateThread
SetThreadPriority
GetCurrentProcess
GetCurrentThreadId
GetVersionExA
GetSystemInfo
CompareStringW
CreateFileA
CreateFileW
GetSystemDirectoryW
DeleteFileA
GetSystemDirectoryA
lstrcmpA
VirtualAlloc
VirtualFree
InterlockedDecrement
InterlockedIncrement
WaitForMultipleObjects
GetTickCount
GetSystemTimeAsFileTime
GetProcAddress
LoadLibraryW
FreeLibrary
GlobalLock
GlobalAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
SetFilePointer
SetEndOfFile
GetFileSize
ReadFile
WriteFile
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
VirtualProtect
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
IsValidLocale
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
SetEvent
DeviceIoControl
CreateEventA
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CloseHandle
CreateIoCompletionPort
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetLastError
PulseEvent
SetUnhandledExceptionFilter
ExitProcess
ExitThread
ResetEvent
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
CreateMutexA
ReleaseMutex
LoadLibraryA
ResumeThread
LocalAlloc
InterlockedExchange
RaiseException
GetCommandLineA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
HeapSize
GetLocaleInfoW

advapi32

CreateServiceW
ChangeServiceConfigW
QueryServiceStatus
StartServiceW
OpenServiceW
UnlockServiceDatabase
LockServiceDatabase
CloseServiceHandle
OpenSCManagerW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
QueryServiceConfigW

Exports

Exports

DeinitServerExtension
InitServerExtension
_ReflectiveLoader@0

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.shell
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cead935cada99369067465bf2d4ab071

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 155KB - Virtual size: 155KB

.rdata Size: 31KB - Virtual size: 30KB

.data Size: 127KB - Virtual size: 135KB

.reloc Size: 13KB - Virtual size: 13KB

.shell Size: 320KB - Virtual size: 320KB

.text
Size: 155KB - Virtual size: 155KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 127KB - Virtual size: 135KB

.reloc
Size: 13KB - Virtual size: 13KB

.shell
Size: 320KB - Virtual size: 320KB