2985da7f53ab980ccbfd93312a39bd24caa0e8453de0dc85822f568237b69d6d

Sharing

Copy URL Twitter E-mail

General

Target

2985da7f53ab980ccbfd93312a39bd24caa0e8453de0dc85822f568237b69d6d
Size

576KB
MD5

c76ad48ee1d37c2744124116ab7b6835
SHA1

319ea49fa16123957ae2dd370616d3e9e3794a99
SHA256

2985da7f53ab980ccbfd93312a39bd24caa0e8453de0dc85822f568237b69d6d
SHA512

150eb93fc19a216187eae0380bdf75ef8f3f454df8e32270218ac3803a7fe2426f6ebcfcc9360ccd2daa4e1ec5767554f9136a7e35ddb1ed41d50867a1867872
SSDEEP

12288:UzB4lCrz77gYRwtEMntVTP6OUugNHjnQ/:Ud4gfoY41tVOOUhlC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2985da7f53ab980ccbfd93312a39bd24caa0e8453de0dc85822f568237b69d6d

Files

2985da7f53ab980ccbfd93312a39bd24caa0e8453de0dc85822f568237b69d6d
.dll windows:4 windows x86 arch:x86

f4fa70ecdc2b8668a8899315496a6316

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

DispatchMessageA

comdlg32

GetFileTitleA

advapi32

RegisterServiceCtrlHandlerA

ole32

CoInitialize

oleaut32

SafeArrayGetLBound

wininet

HttpQueryInfoA

shlwapi

PathFileExistsA

wtsapi32

WTSQueryUserToken

userenv

CreateEnvironmentBlock

msvcrt

strchr

shell32

SHGetSpecialFolderPathA

Exports

Exports

ChromeUpdate
RegisterUserNotifyInterface

Sections

.text
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xrp0
Size: - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xrp1
Size: 564KB - Virtual size: 563KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4fa70ecdc2b8668a8899315496a6316

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

oleaut32

wininet

shlwapi

wtsapi32

userenv

msvcrt

shell32

Exports

Exports

Sections

.text Size: - Virtual size: 84KB

.rdata Size: - Virtual size: 2KB

.data Size: - Virtual size: 88KB

.xrp0 Size: - Virtual size: 445KB

.xrp1 Size: 564KB - Virtual size: 563KB

.reloc Size: 4KB - Virtual size: 96B

.rsrc Size: 4KB - Virtual size: 652B

.text
Size: - Virtual size: 84KB

.rdata
Size: - Virtual size: 2KB

.data
Size: - Virtual size: 88KB

.xrp0
Size: - Virtual size: 445KB

.xrp1
Size: 564KB - Virtual size: 563KB

.reloc
Size: 4KB - Virtual size: 96B

.rsrc
Size: 4KB - Virtual size: 652B