6affb174e4c833c62cfd3302763fe35b2c3298d5734c8dd0caf28b7107cd83d8N

Sharing

Copy URL Twitter E-mail

General

Target

6affb174e4c833c62cfd3302763fe35b2c3298d5734c8dd0caf28b7107cd83d8N
Size

924KB
MD5

59d9fbb3e187527e78ad813376539590
SHA1

6e22d951ad6b7ae3e27cbadce9fed45fbf754331
SHA256

6affb174e4c833c62cfd3302763fe35b2c3298d5734c8dd0caf28b7107cd83d8
SHA512

337c1356d55e65be5c3e193bba10fa61808b8a94d2c15bf911a6115b7211e83d41abab52b8254d3fdfd24150e66c9620e917a2091ab49e88100195342796026d
SSDEEP

6144:b2fQ6LPP2520qtUW6x7Kx53+x8z2XisH+xiQAW4rDWr9Bg6mOeL+/LD/gfJMMLyd:b2f1rPN0qFF2XisHza+JMp3rjWmSa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6affb174e4c833c62cfd3302763fe35b2c3298d5734c8dd0caf28b7107cd83d8N

Files

6affb174e4c833c62cfd3302763fe35b2c3298d5734c8dd0caf28b7107cd83d8N
.dll windows:4 windows x64 arch:x64

d764f46a4de2425473a876937268621f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateSemaphoreW
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReleaseSemaphore
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__doserrno
__iob_func
_amsg_exit
_errno
_filelengthi64
_fileno
_fstat64
_initterm
_lock
_lseeki64
_strnicmp
_unlock
_wfopen
abort
calloc
fclose
fflush
fgetpos
fopen
fputc
fputs
fread
free
fsetpos
fwrite
getc
getenv
getwc
isspace
iswctype
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
putc
putwc
realloc
setlocale
setvbuf
signal
sprintf
strcmp
strcoll
strcpy
strerror
strftime
strlen
strncmp
strstr
strxfrm
towlower
towupper
ungetc
ungetwc
vfprintf
wcscoll
wcsftime
wcslen
wcsxfrm
_write
_strdup
_read
_fileno
_fdopen

Exports

Exports

DllMain
lv2_descriptor
lv2_generate_ttl

Sections

.text
Size: 727KB - Virtual size: 727KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 127B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d764f46a4de2425473a876937268621f

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 727KB - Virtual size: 727KB

.data Size: 12KB - Virtual size: 12KB

.rdata Size: 66KB - Virtual size: 66KB

.pdata Size: 44KB - Virtual size: 44KB

.xdata Size: 61KB - Virtual size: 61KB

.bss Size: - Virtual size: 5KB

.edata Size: 512B - Virtual size: 127B

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 727KB - Virtual size: 727KB

.data
Size: 12KB - Virtual size: 12KB

.rdata
Size: 66KB - Virtual size: 66KB

.pdata
Size: 44KB - Virtual size: 44KB

.xdata
Size: 61KB - Virtual size: 61KB

.bss
Size: - Virtual size: 5KB

.edata
Size: 512B - Virtual size: 127B

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 5KB - Virtual size: 5KB