a21bcff57ac210feceb5dca8a6a4afa0N

Sharing

Copy URL Twitter E-mail

General

Target

a21bcff57ac210feceb5dca8a6a4afa0N
Size

2.2MB
MD5

a21bcff57ac210feceb5dca8a6a4afa0
SHA1

8c9fa71e3c35bc23b17d834c09bb3d926d1d8c4a
SHA256

f8d9d9fbba0f6f035ed23a807fb44febf565009acc7a5abcd6c729ce68a86c9a
SHA512

aa36484b0306a79ae77c5dddb8fafae6ccfc5642cd5c5756668a3a8dcba8327a62ceaf793a817ab32e266ca5c4f1f677c0f45efc5dc5207a8e218c179c6ac668
SSDEEP

49152:Q2adecRwo/4aHt2LjcZ41MGHr/8W9j05gbHm4F/EDDVyPsy6a2jU:9uQaNIcShr/n9j/GY/EPV9j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a21bcff57ac210feceb5dca8a6a4afa0N

Files

a21bcff57ac210feceb5dca8a6a4afa0N
.dll windows:5 windows x86 arch:x86

bf103397fa163ed412cf00699c8de679

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

GetCurrentHwProfileA

setupapi

SetupDiSetSelectedDriverA

shlwapi

PathFileExistsA

ole32

OleSetContainedObject
GetHGlobalFromILockBytes
HMENU_UserUnmarshal

ntdsapi

DsReplicaFreeInfo

user32

SetMessageQueue
CloseDesktop

winscard

SCardEndTransaction

mprapi

MprConfigServerConnect

msvcrt

isupper

kernel32

CloseHandle
GetModuleFileNameA
ReadConsoleW
OutputDebugStringA
InterlockedPushEntrySList
GetSystemTimeAsFileTime
CopyFileW
SetPriorityClass
QueryPerformanceCounter

Sections

.text
Size: 496KB - Virtual size: 494KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.crt1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 368KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bI6k
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bf103397fa163ed412cf00699c8de679

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

setupapi

shlwapi

ole32

ntdsapi

user32

winscard

mprapi

msvcrt

kernel32

Sections

.text Size: 496KB - Virtual size: 494KB

.crt1 Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 368KB - Virtual size: 365KB

.data Size: 32KB - Virtual size: 33KB

.qdata Size: 36KB - Virtual size: 33KB

bI6k Size: 108KB - Virtual size: 104KB

.rsrc Size: 4KB - Virtual size: 864B

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 496KB - Virtual size: 494KB

.crt1
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 368KB - Virtual size: 365KB

.data
Size: 32KB - Virtual size: 33KB

.qdata
Size: 36KB - Virtual size: 33KB

bI6k
Size: 108KB - Virtual size: 104KB

.rsrc
Size: 4KB - Virtual size: 864B

.reloc
Size: 16KB - Virtual size: 13KB