1841085aeed82453b3b7d1bc1d6e41250f7be306fad6c6d668bec953d396794aN

Sharing

Copy URL Twitter E-mail

General

Target

1841085aeed82453b3b7d1bc1d6e41250f7be306fad6c6d668bec953d396794aN
Size

264KB
MD5

fbacfeb2b099a73a0953f95ce6fe33a0
SHA1

f54f071f7f38768b5e1db57119707dc7e68e03f7
SHA256

1841085aeed82453b3b7d1bc1d6e41250f7be306fad6c6d668bec953d396794a
SHA512

c04d17cb96425a6eb22f03015eed0071b441845ed204de2de7620bd59cf866b5fcdf5618d017a1f2e54e81d584aff21740e63b7c4b6e1cf709c1ce11eb7c46d8
SSDEEP

3072:h3q1BzMy2nf2SZJC0KLsmJoYxxZ8UqKK4Vnz+Icp0rGoomUgR4WiEm2IPYWCX+pJ:aBzMvMtsnU8ozxqKGoZiE8P+udMc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1841085aeed82453b3b7d1bc1d6e41250f7be306fad6c6d668bec953d396794aN

Files

1841085aeed82453b3b7d1bc1d6e41250f7be306fad6c6d668bec953d396794aN
.dll windows:4 windows x86 arch:x86

e25490fc9d9eea9d4dc72f77bd64470f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetWindowsDirectoryA
GetProcAddress
LoadLibraryA
GetPrivateProfileSectionA
OutputDebugStringA
GetLastError
GetSystemDirectoryA
FindFirstFileA
MoveFileA
DeleteFileA
FormatMessageA
CopyFileA
FindClose
FindNextFileA
GetVersionExA
HeapCreate
SetLastError
GetCurrentProcess
TlsSetValue
TlsAlloc
GetLocaleInfoW
SetEndOfFile
LCMapStringA
TlsFree
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
CloseHandle
HeapDestroy
ReadFile
VirtualFree
VirtualAlloc
InterlockedDecrement
InterlockedIncrement
TerminateProcess
LCMapStringW
GetCurrentThreadId
GetLocaleInfoA
MultiByteToWideChar
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
WriteFile
FlushFileBuffers
CreateFileA
SetFilePointer
GetStringTypeA
GetStringTypeW

user32

wsprintfA

advapi32

RegSetValueExA
RegOpenKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA
SHGetSpecialFolderPathA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

setupapi

SetupDiGetSelectedDriverA
SetupDiGetDriverInfoDetailA

Exports

Exports

LvCoInstaller
SetupEntryPoint

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e25490fc9d9eea9d4dc72f77bd64470f

Headers

File Characteristics

Imports

version

kernel32

user32

advapi32

shell32

ole32

setupapi

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 21KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text Size: 180KB - Virtual size: 180KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 21KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 180KB - Virtual size: 180KB